[Samba] Winbind issue after upgrading from 4.7.5 to 4.8.3
Rowland Penny
rpenny at samba.org
Mon Aug 6 18:05:52 UTC 2018
On Mon, 6 Aug 2018 14:38:33 +0200
Miguel Sanders via samba <samba at lists.samba.org> wrote:
> Hi guys
>
> We recently upgraded our Samba clusters from 4.7.5 to 4.8.3 and
> noticed a difference in behavior for winbind.
> The situation is as follows
> Assume we have a local Linux user XYZ (UID 519) as well as a AD user
> object XYZ (UID 30001).
> idmap config * : backend = tdb2
> idmap config * : range = 30000-50000
>
> In our share definitions we regularly use the "force user" directive.
> In 4.8.3, when using "force user = XYZ", we are forcing the UID of
> the AD user object XYZ (UID 30001) and not the local Linux user XYZ
> (UID 519). In 4.7.5 this worked fine.
> Is this change intentional or a defect?
>
> Moreover, when running "id XYZ", the correct UID 519 is given.
> The groups, however, are a mix of local groups and AD groups. This
> behavior was also different in 4.7.5.
>
> 4.8.3
> # id XYZ
> uid=519(XYZ) gid=1(bin) groups=1(bin),30004(DOSIM000+domain users)
> # id xyz
> uid=30001(DOMAIN+XYZ) gid=30004(DOSIM000+domain users)
>
> 4.7.5
> # id XYZ
> uid=519(XYZ) gid=1(bin) groups=1(bin)
> # id xyz
> id: ‘xyz’: no such user
>
> Thanks for your help
>
How are you running Samba ? can you post your smb.conf
What OS is this on ?
The problem is, you shouldn't have a local user called 'XYZ' and an AD
user called 'XYZ', you should just have the AD user.
Rowland
More information about the samba
mailing list