[Samba] User/Machine RID generation error?
Adnan Yusuf
ayusuf at greaterthanone.com
Tue Jul 26 22:25:00 GMT 2005
Hello:
I'm using:
- samba-common-3.0.9-1
- kernel 2.6.5-1.358
- FC 2
- openldap-servers-2.1.29-1
We're running an NT4 domain using an LDAP backend, and everything was running fine until recently. The first thing that I noticed that new users were suddenly being assigned SambaSID's that were previously being assigned to machines.
Previously:
Typical User Entry:
uid: john
sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-2416
Typical Machine Entry:
uid: somebox$
sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-3134
Now:
Typical User Entry:
uid: jack
sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-3136
So the next time I tried to add the machine newbox, I get this error:
-------------- pdbedit -a -m newbox -d100 -----------------------------------------------------------------------
pdb_set_user_sid: setting user sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136
element 18 -> now SET
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136 from rid 3136
smbldap_search: base => [ou=Groups,dc=somedomain,dc=com], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=1068))], scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_getgroup: Did not find group
pdb_set_group_sid: setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3137
element 19 -> now SET
pdb_set_group_sid_from_rid:
setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3137 from rid 3137
element 20 -> now DEFAULT
element 33 -> now CHANGED
element 32 -> now CHANGED
element 11 -> now CHANGED
element 21 -> now CHANGED
account_policy_get: maximum password age:-1
element 10 -> now CHANGED
account_policy_get: minimum password age:0
element 9 -> now CHANGED
pdb_set_username: setting username newbox$, was newbox$
element 12 -> now CHANGED
element 20 -> now CHANGED
pdb_set_group_sid: setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-515
element 19 -> now CHANGED
pdb_set_group_sid_from_rid:
setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-515 from rid 515
smbldap_search: base => [dc=somedomain,dc=com], filter => [(&(&(uid=newbox$)(objectclass=sambaSamAccount))(objectclass=sambaSamAccount))], scope => [2]
smbldap_open: already connected to the LDAP server
element 18: SET
smbldap_search: base => [dc=somedomain,dc=com], filter => [(&(sambaSID=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136)(objectclass=sambaSamAccount))], scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_add_sam_account: SID 'S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136' already in the base, with samba attributes
Unable to add machine! (does it already exist?)
----------------------------------------------------------------------------------------------------------------------
What happened? How does pdbedit generate new RID's? How can I fix this, since as of now I can't add any machines!
Please help!
Regards,
Adnan.
More information about the samba
mailing list