[Samba] root's SID

Adam Williams awilliam at mdah.state.ms.us
Fri Jan 11 18:17:06 GMT 2008 

I'm playing around with samba + LDAP in a test environment.  In LDAP 
root doesn't have a SambaSID:, but root does have a User SID: in 
pdbedit.  Do I need to set the SambaSID in LDAP for the user root, or 
does it not matter?  If so, how?  I tried smbpasswd -a, smbldap-useradd, 
and smbldap-passwd -a and none worked.  But I can load the SambaSID in 
by hand with ldapmodify if I need to.  I can log into my domain as root 
ok however.


[root at gomer samba]# pdbedit -U 
S-1-5-21-2139886109-2393431639-217723040-1000 root
smbldap_search_domain_info: Searching 
for:[(&(objectClass=sambaDomain)(sambaDomainName=ADAMSTEST))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
smbldap_search_domain_info: Searching 
for:[(&(objectClass=sambaDomain)(sambaDomainName=ADAMSTEST))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
init_sam_from_ldap: Entry found for user: root
init_ldap_from_sam: Setting entry for user: root
ldapsam_update_sam_account: successfully modified uid = root in the LDAP 
database
init_sam_from_ldap: Entry found for user: root
Unix username:        root
NT username:          root
Account Flags:        [U          ]
User SID:             S-1-5-21-2139886109-2393431639-217723040-1000
init_group_from_ldap: Entry found for group: 0
init_group_from_ldap: Entry found for group: 0
Primary Group SID:    S-1-5-21-2139886109-2393431639-217723040-1005
Full Name:            root
Home Directory:       \\GOMER\homes\root
HomeDir Drive:        r:
Logon Script:         scripts\logon.bat
Profile Path:         \\GOMER\profiles\root
Domain:               ADAMSTEST
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          never
Kickoff time:         never
Password last set:    Fri, 11 Jan 2008 12:03:50 CST
Password can change:  Fri, 11 Jan 2008 12:03:50 CST
Password must change: never
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF


[root at gomer samba]# ldapsearch -D 
'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b 
"uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxxx -x
# extended LDIF
#
# LDAPv3
# base <uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us> with 
scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# root, People, gomer.mdah.state.ms.us
dn: uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
uid: root
cn: root
sn: root
mail: root at dc=mdah,dc=state,dc=ms,dc=us
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxx
shadowLastChange: 13704
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: root

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

More information about the samba mailing list