[Samba] Samba update 3.0.14a to 3.2.5 -> machine needs unix account!?!

Mario Wolff wolfshoehle at googlemail.com
Wed Sep 9 08:45:11 MDT 2009

Hi list,
i've updated from 3.0.14a to 3.2.5 using a PDC-LDAP-setup.
With 3.0.14a the "Primary Group SID" value was taken from LDAP's machine
account entry.

#pdbedit -Lv machine$ -d 10
smbldap_search: base => [o=mybase], filter =>
[(&(uid=machine$)(objectclass=sambaSamAccount))], scope => [2]
init_sam_from_ldap: Entry found for user: machine$
pdb_set_username: setting username machine$, was
pdb_set_domain: setting domain MYDOM, was
pdb_set_nt_username: setting nt username machine$, was
pdb_set_user_sid_from_string: setting user sid S-<mysid>-7842
pdb_set_user_sid: setting user sid S-<mysid>-7842
pdb_set_group_sid_from_string: setting group sid S-<mysid>-515
pdb_set_group_sid: setting group sid S-<mysid>-515

The 3.2.5 try's to resolv the unix-account to get the group! The
pdb_set_group_sid are missing!
To workarround i've modifyed my libnss_ldap.conf to include the
computers-tree of my ldap. We have much scripts that itterate our users by
"getent passwd|while read...." so it's not possible to keep all machines as

Why has this changed? Ist there any way to get the old style back?

Thanks a lot!


More information about the samba mailing list