[Samba] User/Machine RID generation error?

Adnan Yusuf ayusuf at greaterthanone.com
Tue Jul 26 22:25:00 GMT 2005 

Hello:

I'm using:


 - samba-common-3.0.9-1
 - kernel 2.6.5-1.358
 - FC 2
 - openldap-servers-2.1.29-1

We're running an NT4 domain using an LDAP backend, and everything was running fine until recently. The first thing that I noticed that new users were suddenly being assigned SambaSID's that were previously being assigned to machines.


Previously:

 Typical User Entry:
    uid: john
    sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-2416

 Typical Machine Entry:
    uid: somebox$
    sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-3134


Now:

 Typical User Entry:
    uid: jack
    sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-3136



So the next time I tried to add the machine newbox, I get this error:


-------------- pdbedit -a -m newbox -d100 -----------------------------------------------------------------------
pdb_set_user_sid: setting user sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136
element 18 -> now SET
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136 from rid 3136
smbldap_search: base => [ou=Groups,dc=somedomain,dc=com], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=1068))], scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_getgroup: Did not find group
pdb_set_group_sid: setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3137
element 19 -> now SET
pdb_set_group_sid_from_rid:
        setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3137 from rid 3137
element 20 -> now DEFAULT
element 33 -> now CHANGED
element 32 -> now CHANGED
element 11 -> now CHANGED
element 21 -> now CHANGED
account_policy_get: maximum password age:-1
element 10 -> now CHANGED
account_policy_get: minimum password age:0
element 9 -> now CHANGED
pdb_set_username: setting username newbox$, was newbox$
element 12 -> now CHANGED
element 20 -> now CHANGED
pdb_set_group_sid: setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-515
element 19 -> now CHANGED
pdb_set_group_sid_from_rid:
        setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-515 from rid 515
smbldap_search: base => [dc=somedomain,dc=com], filter => [(&(&(uid=newbox$)(objectclass=sambaSamAccount))(objectclass=sambaSamAccount))], scope => [2]
smbldap_open: already connected to the LDAP server
element 18: SET
smbldap_search: base => [dc=somedomain,dc=com], filter => [(&(sambaSID=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136)(objectclass=sambaSamAccount))], scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_add_sam_account: SID 'S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136' already in the base, with samba attributes
Unable to add machine! (does it already exist?)
----------------------------------------------------------------------------------------------------------------------


What happened? How does pdbedit generate new RID's? How can I fix this, since as of now I can't add any machines!


Please help!





Regards,
Adnan.

More information about the samba mailing list