UIDs and GIDs on NFS shares

I have successfully implemented NFS volume sharing and LDAP between two virtualmin servers. (clap clap drum roll applause ta!)

However, I can see something becoming a bit of an issue…

At present, LDAP works because I followed the guide here, and I have the home directory on one server mounted on another server, so when I create a new account on the other server, the contents is with the rest of it. But there is an issue with user id’s and groups.

If say for example, user 501 and group 502 corresponds with a particular domain owner on the host server, the same 501 and 502 might belong to something else on the other server.

How do we get around this??


Yeah, NFS generally assumes that your user and groups will be sync’d if you’re working with multiple servers.

That is, there’s not really a good way to handle the idea that there can be two different users with UID 501. The way to handle that would be to either:

  1. This is a bit of a hack, but you could solve it by making sure the UID’s and GID’s between your servers don’t overlap. I believe you can solve that by editing “/etc/login.defs”, and setting what UID and GID to start with… you could modify one of your servers, and pick a much higher number.

  2. The usual way that’s solved is to just use one LDAP-store for all your servers. That is, if you add a user with UID 501 on Server1, and then go to create another user on Server2, the users UID would be 502 – because you’d have Server1 and Server2 pointing at the same LDAP store.