Linux + Kerberos + Active Directory + Account UID Mapping?

I've played around with integrating Linux against Active Directory quite a long time ago and made this work with a couple of machines, so I know it's possible and that it can be done a couple of ways, including WinBind with NTLM or Kerberos.

Authenticating is the relatively easy part, but what I want is a way of keeping the same UIDs across all the Linux boxen. I have looked across lots of web searching and things I have bookmarked but they focus more on the authentication and the local separate UID/GUID maps kept by each individual linux box.

Does anyone know anything about the UID mapping across all linux boxen so that the same user account name and login will get the same UID across all machines?

I don't know about Linux but with FreeBSD, I can change the UID of any user with the pw command.

pw usrmod -n don -u 100 or whatever UID you give it.

There must be a way to do that with Linux.

?

I don't want to change the UID of a user.

I want to have all Users authenticated by Active Directory and to have the same UID for a given user across all machines automatically.

http://blog.scottlowe.org/2007/07/09/li ... rver-2008/

thanks, that had links to older version which talk about 2003 pre R2 since I don't have that yet... looks very promising.

I used to manage a Windows 2000 Server and I don't remember AD giving out numeric IDs.

Yeah, we've got a 2000/2003 mixed domain at work, and I can't remember any time actually seeing any UIDs. But there just has to be a way see who has what...there just as to be.

I don't know about that. Windows doesn't read Linux very well.

I'm currently looking at Services for Unix. This extends the schema and allows some posix attributes like keeping a uid per user for unix based systems to use.