[Samba] Duplicate winbind uid/gid
Shawn Wright
swright at zuiko.sls.bc.ca
Thu Feb 13 02:11:31 GMT 2003
We've encountered the following problem on our Redhat 7.2/XFS box
running samba 2.2.3 with winbind and acl support. This week, some local
accounts were created on the samba box for the installation of djb's
dnscache. In addition, some NT domain accounts were also created on
the NT4 PDC. The samba box is configured to use the NT4 domain for
authentication; none of the local accounts are used for samba. In
checking, I can see that one of the local accounts I created was assigned
the same uid as that assigned by winbind for one of the new domain
accounts!
I have the following in smb.conf, which I thought was meant to avoid such
collisions, but it appears that adduser used what it thought was the next
available uid, as did winbindd...
[global]
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
Adding local accounts is not something done very often, but I would like to
prevent this occurrence in the future, and fix the collision I now have.
Here is the acct in /etc/passwd:
Gdnscache:x:11079:11079::/etc/dnscache:/bin/nologin
Here's the account from winbindd, using getent passwd:
SHAWNIGAN+MCHAUDHU:x:11079:10001:(S -Gr.10) Mallika
Chaudhuri:/home/student/mchaudhu:/bin/false
Also, what I expect is an unrelated issue, I am seeing the occasional
message like this in the winbindd logs, for a domain user that *does* exist:
user 'glinn' does not exist
[2003/02/11 15:00:11, 1]
nsswitch/winbindd_user.c:winbindd_getpwnam_from_user(142)
Any ideas what could cause this?
Shawn Wright, I.T. Manager
Shawnigan Lake School
swright at SLS.bc.ca
http://Zuiko.sls.bc.ca/swright
http://www.sls.bc.ca
More information about the samba
mailing list