[Samba] windows SID are unknown for a samba member server?

Alexander Lazarevich alazarev at itg.uiuc.edu
Thu Aug 31 20:45:48 GMT 2006 

On Thu, 31 Aug 2006, Gerald (Jerry) Carter wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Alexander Lazarevich wrote:
>
>>> testparm on smb.conf is fine:
>>>
>>> [root at zeus lib]# testparm
>>> Load smb config files from /usr/local/encap/samba-3.0.23a/lib/smb.conf
>>> Processing section "[homes]"
>>> Processing section "[staff]"
>>> Processing section "[users]"
>>> Loaded services file OK.
>>> Server role: ROLE_DOMAIN_MEMBER
>
> This is wrong for security = server.  What version
> are you running ?  I'd also suggest security = domain
> instead.

We run samba 3.0.23a. Looking at smb.conf man pages, maybe you are right. 
Security = server has worked great for us for years, and it still works 
fine in older versions of samba. We don't want our samba servers to be 
domain members, we just want them to auth to an NT4 PDC. That's what I 
thought security = server was supposed to do. But maybe a switch to 
security = domain will fix our SID problems.

What is odd is that the samba server that does NOT have this SID problem 
(RHEL3-AS x86, running the stock redhat RPM [samba-3.0.9-1.3E.10]) also 
reports back a testparm of the same thing:

[root at apache root]# testparm
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER

The smb.conf here is:

[global]
    server string = Samba server
    interfaces = xxxxx
    wins server = xxxxx
    domain master = no
    domain logons = no
    preferred master = no
    netbios name = hostname
    announce version = 1.0
    getwd cache = yes
    wide links = yes
    preserve case = yes
    load printers = no
    password level = 8
    security = server
    password server = IP of NT4 PDC
    workgroup = DUDESDOMAIN
    time server = no
    #status = yes
    encrypt passwords = yes
    socket options = TCP_NODELAY IPTOS_LOWDELAY
    hosts allow = xxxxxxx
    log file = /var/log/samba/hostname-samba.log
    max log size = 0
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

Alex

More information about the samba mailing list