You only need to know the information in this post if you will be connecting non-Windows-based operating systems or devices to an Active Directory domain
As described in the Samba documentation and elsewhere, rfc2307 attributes are the standard UNIX values associated with a UNIX object, most commonly a user. These attributes are inserted into the Active Directory domain database contained on the domain controller. Computers, groups, and users can have rfc2307 attributes.
For our AD purposes, these are the rfc2307 attributes we use:
unixHomeDirectory can be overridden in a Samba configuration file in order to standardize user environments, but
gidNumber must be carefully managed to ensure they are defined for any user or group involved in UNIX services that access AD. And their values MUST be unique for their type.
There can be a
gidNumber with the same value, but no 2
uidNumber can have the same value and neither can any 2
gidNumber have the same value
What is most import to understand: by default in a new AD domain, NO rfc2307 attributes are defined. Managing when and where these attributes are defined, along with why and how they are used, is an administrative task
This guide assumes you already have an AD domain controller, a Windows operating system connected to the AD domain with RSAT installed, and a Linux operating system connected to the AD domain. The example systems are named: domain controller
ubuntu-vm, Windows desktop
win8.1-mockup, and Linux desktop
When AD is first installed, the rfc2307 attributes are not defined and the starting values for “user id” uidNumber and “group id” gidNumber are 10000 each.
ADUC advanced properties
We need to enable the viewing of advanced properties in ADUC