[Samba] Winbind loosing AD user
pfb4212 at rit.edu
pfb4212 at rit.edu
Fri Jan 13 20:48:18 GMT 2006
Hello all! Can someone please help?
I have a question that is bugging me. I am running a production RedHat
EL3 machine for about a year now with Samba version 3.0.9-1.3E.2
My personal user account stopped working two days ago. I initially thought
my password expired, so I reset it in AD.
But I can log onto my win2k box without issue, but not into my linux file
server. I checked to see if my machine had been cracked and no all is ok.
In summary:
My active directory account was not deleted, moved, or edited at any
point around the time of this incident.
Winbind no longer recognizes my linux UID to my SID.
Tests - assuming user is jdoe and AD Domain is AD_DOM:
wbinfo -a jdoe%password completes with success.
wbinfo -n jdoe completes with success and reports
"S-1-5-21-1708537768-776561741-1177238915-1127 User (1)"
wbinfo -s S-1-5-21-1708537768-776561741-1177238915-1127 completes with
success and reports "AD_DOM+JDoe 1"
wbinfo -S S-1-5-21-1708537768-776561741-1177238915-1127 fails and
reports "Could not convert sid
S-1-5-21-1708537768-776561741-1177238915-1127 to uid"
wbinfo -u|grep jdoe reports nothing and confirms my suspicions.
So I have lost the database entry for my userid to sid. I attempted to
recreate the user using wbinfo -c jdoe, but while the command line reported
"Generated user with RID 3000" I am still not able to be seen as a valid
account on the system. I am assuming that I would need to reenter my uid
-> sid mapping into the database. How can I go about this? I know my old
uid was 1001.
So I am at a loss to my next steps. Could you please advise. Thank you
ever so much.
Cheers, Peter.
More information about the samba
mailing list