[Samba] UID syncing issues with CTDB
Jeremy Farrar
jeremy.farrar at gmail.com
Tue Aug 17 09:26:05 MDT 2010
I have been working on a CTDB cluster on and off for a while now. I had it
working great for a while. THen I decide dthat I wanted to change the
configuration of my replicated volumes. I changed my DRBD configuration to
match my desired configuration. Now I can get the CTDB to work quite right.
I am able to join the cluster to the domain without issues. I can also list
my ad users and groups using wbinfo so I believe that my nsswitch.conf is
set up properly. I am having problems with the UIDs and GIDs not matching
between the two servers. For instance here is the output for getent on each
server:
Server A:
jfarrar:*:20066:20001:Jeremy Farrar:/home/DOMAIN/jfarrar:/bin/bash
Server B:
jfarrar:*:20002:20001:Jeremy Farrar:/home/DOMAIN/jfarrar:/bin/bash
The output looks good but the UID doesn't match. This will lead to some
weird permissions issues in the future. THe strange thing is that it worked
before. What did I mess up when I reconfigured my volume? Thanks for your
help.
smb.conf:
[global]
server string = %h
workgroup = DOMAIN
netbios name = server
password server = dc1.domain.local
realm = DOMAIN.LOCAL
security = ads
idmap backend = tdb2
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
template homedir = /home/DOMAIN/%U
winbind uid = 20001-200000
winbind gid = 20001-200000
winbind trusted domains only = no
winbind use default domain = true
winbind offline logon = false
winbind enum users = yes
winbind enum groups = yes
obey pam restrictions = yes
printcap name = /etc/printcap
socket options = TCP_NODELAY SO_KEEPALIVE IPTOS_LOWDELAY SO_BROADCAST
clustering = yes
# logs split per machine
log file = %S.log
log level = 2
# max 50KB per log file, then rotate
max log size = 50
passdb backend = tdbsam
#============================ Share Definitions
==============================
[DOMAIN]
comment = Home Directories
path = /DOMAIN
browseable = no
writable = yes
# acl compatibility = auto
acl check permissions = True
nt acl support = yes
ea support = yes
acl map full control = True
map acl inherit = yes
inherit acls = yes
nsswitch.conf:
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files
publickey: nisplus
automount: files
aliases: files nisplus
ctdb.conf:
CTDB_RECOVERY_LOCK="/EDAPT/ctdb/CTDB_lock"
CTDB_PUBLIC_INTERFACE=eth0
CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
CTDB_MANAGES_SAMBA=no
CTDB_SAMBA_CHECK_PORTS="445"
CTDB_MANAGES_WINBIND=no
CTDB_INIT_STYLE=redhat
CTDB_SERVICE_SMB=smb
CTDB_SERVICE_WINBIND=winbind
ulimit -n 10000
CTDB_NODES=/etc/ctdb/nodes
CTDB_DBDIR=/var/ctdb
CTDB_DBDIR_PERSISTENT=/EDAPT/ctdb/persistent
CTDB_EVENT_SCRIPT_DIR=/etc/ctdb/events.d
CTDB_SOCKET=/tmp/ctdb.socket
CTDB_TRANSPORT="tcp"
CTDB_LOGFILE=/var/log/log.ctdb
CTDB_DEBUGLEVEL=2
More information about the samba
mailing list