[Samba] Crazy User Entry in W2k, Samba 3.0.2a-Debian,
UID-SID Mapping damaged ?
Thomas Reiß
Thomas.Reiss at Theresien-Krankenhaus.de
Tue May 4 08:19:06 GMT 2004
Hi,
i'am testing to setup a plain Samba PDC Domain.
Now i habe the strange Problem, that the User Entry in Windows Security
Dialog show different User that the underlying Samba Filesystem (XFS).
In W2k is a User ACL called TKH\games, but such user isn't allow to do
anything in the Filesystem, so what's going on ?
Here some more Infos:
debian:/var/log/samba# smbd -V
Version 3.0.2a-Debian
debian:/var/log/samba# ls -l /var/samba/ | grep test
drwxrws--- 2 reiss edv 28 May 3 17:43 test
debian:/var/log/samba# getfacl /var/samba/test/
getfacl: Removing leading '/' from absolute path names
# file: var/samba/test
# owner: reiss
# group: edv
user::rwx
group::---
group:pflege:rwx
mask::rwx
other::---
default:user::rwx
default:group::---
default:group:pflege:rwx
default:mask::rwx
default:other::---
debian:/var/log/samba# grep games /etc/passwd
games:x:5:100:games:/usr/games:/bin/sh
debian:/var/log/samba# net getlocalsid
SID for domain DEBIAN is: S-1-5-21-521418629-2349234423-895658885
--> Why is the Domain not TKH (which is configured in smb.conf ?)
debian:/var/log/samba# net groupmap list
System Operators (S-1-5-32-549) -> -1
reiss (S-1-5-21-521418629-2349234423-895658885-1001) -> reiss
Pflege (S-1-5-21-521418629-2349234423-895658885-1000) -> pflege
root (S-1-5-21-521418629-2349234423-895658885-1002) -> root
Domain Users (S-1-5-21-521418629-2349234423-895658885-513) -> users
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
nogroup (S-1-5-21-521418629-2349234423-895658885-1008) -> nogroup
Domain Guests (S-1-5-21-521418629-2349234423-895658885-514) -> nogroup
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Account Operators (S-1-5-32-548) -> -1
Domain Admins (S-1-5-21-521418629-2349234423-895658885-512) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1
--> looks strange too !?
Where comes the SID S-1-5-32-545 ?
(some Lines deleted)
debian:/var/log/samba# net user -l
root password:
User name Comment
-----------------------------
games
nobody
root
news
postgres
bin
reiss
operator
[global]
workgroup = TKH
server string = %h server (Samba %v)
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
printcap name = cups
add machine script = /usr/sbin/useradd -d /dev/null -g
workstations -s /bin/false -c
logon script = skripte\login.cmd
logon path = \\%L\profiles\%U\%a
logon drive = I:
domain logons = Yes
os level = 66
preferred master = Yes
domain master = Yes
wins server = 172.30.8.6
ldap ssl = no
panic action = /usr/share/samba/panic-action %d
printing = cups
Windows 2000 Service Pack 4
I can't change the User Rigth's in Windows Security Dialog too (after
reopen the Securitydialog the Right's resets everytime back to
Original).
Can you point me to the source of the Problem ?
I think something going completly wrong.
Can anybody help me ?
Thank You
Thomas
More information about the samba
mailing list