Hi There,
referring to your article UCS 4.4-8: Eighth Point Release of UCS 4.4 - Preparation for Upgrade to UCS 5 and Performance Improvements the S4 Connector now SHOULD synchronize the gidNumber attribute of group objects. This information is necessary for systems that use an RFC2307 compliant idmap. The attribute is now synchronized from UCS to Samba 4 by default.
And yes, it does so for the Users entities but NOT for Groups on all UCS Domain clients, at least for my macos 11 or 12 clients. Because this is not valid for a macos 10.15 client I’ve already opened another thread at Apple Community (https://discussions.apple.com/thread/253388822).
Try binding without specifying any of the mappings. Then open Terminal and use the “id” command:
id user@domain.org
It should return uid=##########, gid=##########(DOMAIN\Domain Users), groups=##########(DOMAIN\Domain Users)
However, without custom Mappings in Apple Directory Utility-Mapping Pane it is impossible to bind the client in such a way that the users are mapped. The only way to reach that is:
Nevertheless, using the id command the GIDs are not mapped as they should be like gid=##########(DOMAIN\Domain Users). That caused by the fact that the ‘dsAttrTypeNative:gidNumber’ is “transferred” for users but not for groups under macos 11 or 12.
For me, it’s absolutely not clear whether this is caused by the UCS Upgrade to UCS 5.0 or the macos upgrade or by both.
Any appreciated ideas how to overcome that incompatibility between those two systems?
Thx in advance