[Samba] Adding a second server, SIDs in security tab?

Mark Rutherford mark at maunzelectronics.com
Tue Feb 5 18:24:21 GMT 2008

Hi everyone.
I added a new server a few days ago to an existing Domain Controller cluster that
has been working fine for over a year.
(Debian Linux, DRBD, Linux-HA, etc.)
This server is just being used for more space, basically.
Users log in normally and map a drive to this new server and all seems to be well.
This server is mapped in a KiXtart script to G: and the 'main' server is mapped to F:.
When you look at the security tab on any client machine you see for groups
Unix Group\1017, for example.
For the user, you see Unknown User and their SID.
All clients are Windows XP Pro.

If you do the same on a file or directory in F: you do not see this; you see the user and groups normally...
but that is the working PDC.
I am sure that LDAP is working properly on both servers; the new one is using the LDAP server on the main server,
and 'getent group' and passwd show me the users in LDAP and passwd, etc.
I can run ls -l on any directory in the share and see the user and group names as I expect, not numerical values.
net groupmap list shows me the same on both servers, etc.

I have never added a second server to just basically be a 'share' server before, so I configured it in a manner that seemed logical to me, but it is probably wrong. <g>
I did not place it in debug to see what is going on in depth because it is being used at the moment.
Anyone have an idea on what I may have set wrong or just plain omitted?

Here is the config to the second server... it's basically pretty plain.

        workgroup = LCB
        netbios name = Images
        passdb backend = ldapsam:ldap://
        idmap backend = ldap:ldap://
        log level = 0
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 10000
        logon path =
        domain logons = no
        os level = 10
        domain master = no
        ldap admin dn = cn=admin,dc=domain,dc=com
        ldap group suffix = ou=groups
        ldap machine suffix = ou=machines
        ldap passwd sync = Yes
        ldap suffix = dc=domain,dc=com
        ldap user suffix = ou=users
        panic action = /usr/share/samba/panic-action %d
        oplocks = No
        level2 oplocks = No

        comment = Images
        path = /srv/files
        read only = No
        vfs objects = recycle
        recycle:noversions = *.doc
        recycle:exclude_dir = /tmp
        recycle:exclude = *.tmp
        recycle:maxsize = 0
        recycle:versions = Yes
        recycle:touch = Yes
        recycle:keeptree = Yes
        recycle:repository = /srv/deleted/%U

