Ubuntu samba 恢复 idmap 数据库

所以我遇到了灾难，必须在星期一早上启动并运行服务器：D我的 ubuntu 服务器设置了 samba / winbind 并加入了活动目录域控制器，保存了许多部门的共享文件夹，这些共享文件夹具有基于 AD 用户的特定访问权限。我的主服务器疯了，一切都停止了工作。经过一些故障排除后，我决定不再浪费时间，而是创建一个具有完全相同配置的新服务器，一切都很顺利，我在新 VM 上安装了旧磁盘，并且我能够访问共享，但是......访问权限搞砸了，自然新的 UID 被分配给不同的用户。所以我做了一些挖掘，我从旧服务器复制了旧的 winbindd_idmap.tdb 并在新服务器上恢复它。它不起作用所以我将整个 /var/lib/samba 复制到新服务器，但它不起作用。我甚至复制了 /etc/passwd 和 /etc/shadow 和 group，但我知道这是不必要的，因为它们不包含任何映射。不用说它没有用。有人知道如何创造奇迹并让旧用户在新服务器上映射以便正确反映访问权限吗？

非常感谢

这是我的 smb.conf：

[global]

# No .tld
workgroup = UFA
# Active Directory System
security = ads
# With .tld
realm = UFA.LOCAL
# Just a member server
domain master = no
local master = no
preferred master = no
# Disable printing error log messages when CUPS is not installed.
printcap name = /etc/printcap
load printers = no
# Works both in samba 3.2 and 3.6.        
idmap backend = tdb
idmap uid = 10000-99999
idmap gid = 10000-99999
# no .tld
idmap config UFA:backend = rid
idmap config UFA:range = 10000-99999
winbind enum users = yes
winbind enum groups = yes
# This way users log in with username instead of [email protected]
winbind use default domain = yes
# Inherit groups in groups
winbind nested groups = yes
winbind refresh tickets = yes
winbind offline logon = true
# Becomes /home/example/username
template homedir = /home/%D/%U
# No shell access
template shell = /bin/false
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
log file = /var/log/samba/samba.log
log level = 2

[Share]

comment = Share
path = /share/
valid users = @UFA\"Domain Users"
force group = "domain users"
writable = yes
read only = no
force create mode = 0660
create mask = 0777
directory mask = 0777
force directory mode = 0770
access based share enum = yes
hide unreadable = yes