Solved: [Samba] sid_to_uid/public share problem

Robert robert at spotswood-computer.net
Mon Jun 9 23:26:31 GMT 2008 

The problem was during the last update/upgrade the winbind daemon got added to 
the startup for my default runlevel (2). Last night there was a power failure 
long enough for the UPS to give out. When the power came back on, the 
computer rebooted and the winbind service started.

Stopping the winbind service made the share work properly again. It has since 
been removed from runlevel 2.

I am curious as to why it would only mess up mapping to the guest user and not 
everyone else. Can anyone enlighten me?

On Monday 09 June 2008, Robert wrote:
> I've got a public share that any user is supposed to be able to access. But
> no matter who I try to connect as, I get the dreaded:
> "NT_STATUS_NO_SUCH_USER".
>
> Important info: Samba version: 3.0.28a, OS: Kubuntu 8.04
>
> Looking at the logs, I think the problem is here:
>
> auth/auth_util.c:create_token_from_username(1116)
>   sid_to_uid for pcguest (S-1-5-21-1683542063-625151989-839735972-501)
> failed
>
> My smb guest account line is: guest account = pcguest
>
> The user does exist in the samba database (pdbedit -Lv pcguest):
>
> Unix username:        pcguest
> NT username:
> Account Flags:        [U          ]
> User SID:             S-1-5-21-1683542063-625151989-839735972-501
> Primary Group SID:    S-1-5-21-1683542063-625151989-839735972-513
> Full Name:
> Home Directory:       \\linuxii\pcguest
> HomeDir Drive:        H:
> Logon Script:         home.bat
> Profile Path:         \\linuxii\profiles\pcguest
> Domain:               HAP
> Account desc:
> Workstations:
> Munged dial:
> Logon time:           0
> Logoff time:          never
> Kickoff time:         never
> Password last set:    Mon, 09 Jun 2008 13:42:49 CDT
> Password can change:  Mon, 09 Jun 2008 13:42:49 CDT
> Password must change: never
> Last bad password   : 0
> Bad password count  : 0
> Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>
> and the user exists in /etc/passwd (getent passwd | grep -i pcguest):
> pcguest:x:1042:1042::/home/pcguest:/bin/false
>
> I've reset both passwords to the same thing just to be sure, but no joy.
> Even restarted the samba server. Still the problem persists.
>
> From the samba server itself, where linuxii is the server name, everyone is
> the public share, and the password for pcguest is just the letter a (for
> now), "smbclient //linuxii/everyone -U pcguest%a" returns:
> Domain=[HAPPY] OS=[Unix] Server=[Samba 3.0.28a]
> tree connect failed: NT_STATUS_NO_SUCH_USER
>
> It also does that for any and every other user too.
>
> Now if I try to connect to pcguest's home directory
> (smbclient //linuxii/pcguest -U pcguest%a) I succeed:
> Domain=[HAP] OS=[Unix] Server=[Samba 3.0.28a]
> smb: \>
>
> Using "pdbedit -Lw pcguest", it shows the uid is correct (1042 which
> matches /etc/password):
> pcguest:1042:7584248B8D2C9F9EAAD3B435B51404EE:186CB09181E2C2ECAAC768C47C729
>904: [U          ]:LCT-484D79A9:
>
> So what am I missing???
>
> =============smb.conf==============
> [global]
>         workgroup = HAPPY
>         netbios name = LINUXII
>         interfaces = 192.168.1.8/32, 127.0.0.1/32
>         bind interfaces only = Yes
>         passdb backend = tdbsam
>         guest account = pcguest
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password*
> %n\n *passwd:*all*authentication*tokens*updated*successfully*
>         username map = /etc/samba/smbusers
>         unix password sync = Yes
>         lanman auth = Yes
>         client lanman auth = Yes
>         log level = 3
>         log file = /var/log/samba/log.%m
>         max log size = 50
>         name resolve order = wins lmhosts bcast
>         time server = Yes
>         deadtime = 15
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         printcap name = cups
>         disable spoolss = Yes
>         show add printer wizard = No
>         add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false
> %u logon script = home.bat
>         logon path = \\%L\profiles\%U
>         logon drive = H:
>         logon home = \\%L\%U
>         domain logons = Yes
>         os level = 34
>         preferred master = Yes
>         domain master = Yes
>         dns proxy = No
>         wins proxy = Yes
>         wins support = Yes
>         hosts allow = 192.168.1., 127.
>
> [homes]
>         comment = Home Directory
>         read only = No
>         browseable = No
> [netlogon]
>         comment = Network Logon Service
>         path = /home/netlogon
>         guest ok = Yes
> [everyone]
>         comment = Public share (everyone has access)
>         path = /home/public
>         force user = pcguest
>         force group = pcguest
>         read only = No
>         force create mode = 0666
>         force directory mode = 0777
>         guest ok = Yes
> <extra shares snipped>
> --
> Fail to learn history-repeat it.
> Fail to learn rights-lose them.
> Learn both-get screwed by previous two groups.



-- 
Fail to learn history-repeat it.
Fail to learn rights-lose them.
Learn both-get screwed by previous two groups.

More information about the samba mailing list