[Samba] net rpc user add produces duplicate SID

Sebastian Scholz gsscholz at gmail.com
Wed Dec 23 02:37:59 MST 2009


Hi list,

The task is to move an old samba installation (ubuntu with samba 3.0 branch) to
a new debian installation with samba 3.3.9. Both setups work as pdcs and have an
ldap backend which I try to move from one setup to the next.

In this new setup I tried to set ldapsam:editposix = yes. Therefore I also installed
winbind.

I moved the domain SID and the local SID to the new pdc and filled the ldap
directory with all users and machines from the old machine. I can access the smb
via smbclient, id user works and getent passwd, etc. 

BUT when I try to add a new user with 
# net rpc user add newusername 
the user gets a SID which is already used by a machine account. The command
responds with "Faild to add user 'newusername' with: No such user."
# pdbedit -L 
reports this user and this machine account with ldapsam_getsampwsid: More than
one user with SID [S-1-5-21....]. Failing. count=2. Deleting the user via 
# net rpc user delete newusername 
works.

I know how to increase the used uid but I don't know how to let winbind use the next
free RID.

Extracts from my smb.conf:
passdb backend = ldapsam
ldap suffix is set
ldap admin dn is set
ldap user/group/machine/idmap suffix are set
ldapsam:trusted = yes
ldapsam:editposix = yes
idmap uid = 10000 - 20000
idmap gid = 10000 - 20000


Hope anyone can help, and Merry Christmas to the list
Sebastian
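
An added example, not part of the original post: a small audit of an LDIF export of the migrated directory that lists every sambaSID held by more than one entry (the condition pdbedit reports above) and compares the highest RID in use with the domain entry's sambaNextRid. It assumes a plain-text export without base64-encoded values, and it assumes that sambaNextRid on the sambaDomain entry is the counter new RIDs are taken from; the sample data, SIDs and DNs are constructed placeholders.

```python
import re
from collections import defaultdict
# Constructed sample export (placeholder SIDs and DNs, not from the original post).
SAMPLE_LDIF = """\
dn: sambaDomainName=EXAMPLE,dc=example,dc=org
objectClass: sambaDomain
sambaSID: S-1-5-21-1111-2222-3333
sambaNextRid: 1004

dn: uid=alice,ou=Users,dc=example,dc=org
sambaSID: S-1-5-21-1111-2222-3333-1003

dn: uid=ws01$,ou=Machines,dc=example,dc=org
sambaSID: S-1-5-21-1111-2222-3333-1005

dn: uid=newusername,ou=Users,dc=example,dc=org
sambaSID: S-1-5-21-1111-2222-3333-1005
"""

def parse_ldif(text):
    """Parse plain (non-base64) LDIF into a list of {attr_lower: [values]}."""
    text = re.sub(r"\n ", "", text)  # unfold continuation lines
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = defaultdict(list)
        for line in block.splitlines():
            if not line.startswith("#") and ": " in line:
                attr, value = line.split(": ", 1)
                entry[attr.lower()].append(value.strip())
        entries.append(entry)
    return entries

def is_domain(entry):
    return any(v.lower() == "sambadomain" for v in entry["objectclass"])

def audit(entries):
    """Return (SIDs held by more than one DN, per-domain RID summary).
    Assumption: sambaNextRid on the sambaDomain entry is the RID counter."""
    owners = defaultdict(list)
    for e in entries:
        if not is_domain(e):
            for sid in e["sambasid"]:
                owners[sid].append(e["dn"][0])
    dups = {sid: dns for sid, dns in owners.items() if len(dns) > 1}
    summary = {}
    for d in filter(is_domain, entries):
        dom, nxt = d["sambasid"][0], int(d.get("sambanextrid", ["0"])[0])
        rids = [int(s.rsplit("-", 1)[1]) for s in owners if s.rsplit("-", 1)[0] == dom]
        summary[dom] = {"highest_rid": max(rids, default=0), "sambaNextRid": nxt}
    return dups, summary
```

Run it as audit(parse_ldif(text)) on the exported LDIF text; a sambaNextRid at or below highest_rid means RIDs that imported accounts already hold can be handed out again.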


