[Samba] Weird 'net getlocalsid' problem (Samba + LDAP)
anthony.linux at gmail.com
Fri May 13 18:29:05 GMT 2005
I'm setting up a PDC with LDAP (Posix and Samba accounts) backend.
Samba version is 3.0.10 (FC3 x86_64 version). I'm following the
instructions on the IDEALX site. I've done this before with older
versions. It appears some things have changed in LDAP, Samba, and the
smbldap-tools, but for the most part the procedure is the same.
The problem I'm getting is with the 'net getlocalsid'. When I run
this command, I get the usual output. However, it always says the SID
for the Hostname, not the Domain. Even when the smb service is
running in domain controller mode, I can't get any output from 'net
getlocalsid DomainName'. I get the following response: "Can't fetch
domain SID for name: DomainName"
When I check the LDAP domain (with GQ), it shows the
SambaDomainName=<hostname> and not the domain name. When I browse the
computer through a windows box, it shows up as the right domain.
In all my other installations like this (RH9 mostly with various
versions of Samba 3.0.x), this field shows up as
SambaDomainName=<domain name>, like it should.
Am I doing something wrong? Did something change with how samba
"inserts" this entry into the LDAP database?
Here's an excerpt from my smb.conf global section:
log file = /var/log/samba/%m.log
load printers = yes
idmap gid = 16777216-33554431
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
username map = /etc/samba/smbusers
winbind use default domain = no
template shell = /bin/false
wins support = true
dns proxy = no
cups options = raw
netbios name = Hostname
server string = Network Samba Server
idmap uid = 16777216-33554431
workgroup = DomainName
os level = 20
printcap name = /etc/printcap
security = user
max log size = 50000
domain master = Yes
ldap passwd sync = Yes
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=Manager,dc=ldapdomain
ldap suffix = dc=ldapdomain
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script =
/usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
Dos charset = 850
Unix charset = ISO8859-1
-- End excerpt
Thanks for any help,
More information about the samba