[Samba] UID syncing issues with CTDB

Jeremy Farrar jeremy.farrar at gmail.com
Tue Aug 17 09:26:05 MDT 2010 

I have been working on a CTDB cluster on and off for a while now. I had it
working great for a while. THen I decide dthat I wanted to change the
configuration of my replicated volumes. I changed my DRBD configuration to
match my desired configuration. Now I can get the CTDB to work quite right.
I am able to join the cluster to the domain without issues. I can also list
my ad users and groups using wbinfo so I believe that my nsswitch.conf is
set up properly. I am having problems with the UIDs and GIDs not matching
between the two servers. For instance here is the output for getent on each
server:

Server A:
jfarrar:*:20066:20001:Jeremy Farrar:/home/DOMAIN/jfarrar:/bin/bash

Server B:
jfarrar:*:20002:20001:Jeremy Farrar:/home/DOMAIN/jfarrar:/bin/bash

The output looks good but the UID doesn't match. This will lead to some
weird permissions issues in the future. THe strange thing is that it worked
before. What did I mess up when I reconfigured my volume? Thanks for your
help.

smb.conf:

[global]
   server string = %h
   workgroup = DOMAIN
   netbios name = server
   password server = dc1.domain.local
   realm = DOMAIN.LOCAL
   security = ads
   idmap backend = tdb2
   idmap uid = 10000-20000
   idmap gid = 10000-20000
   template shell = /bin/bash
    template homedir = /home/DOMAIN/%U
   winbind uid = 20001-200000
   winbind gid = 20001-200000
   winbind trusted domains only = no
   winbind use default domain = true
   winbind offline logon = false
   winbind enum users = yes
   winbind enum groups = yes
   obey pam restrictions = yes
   printcap name = /etc/printcap
   socket options = TCP_NODELAY SO_KEEPALIVE IPTOS_LOWDELAY SO_BROADCAST
   clustering = yes
   # logs split per machine
   log file = %S.log
   log level = 2
   # max 50KB per log file, then rotate
   max log size = 50

    passdb backend = tdbsam

#============================ Share Definitions
==============================

[DOMAIN]
    comment = Home Directories
    path = /DOMAIN
    browseable = no
    writable = yes
#    acl compatibility = auto
    acl check permissions = True
    nt acl support = yes
    ea support = yes
    acl map full control = True
    map acl inherit = yes
    inherit acls = yes

nsswitch.conf:

passwd:     files winbind
shadow:     files winbind
group:      files winbind

hosts:      files dns

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   files

publickey:  nisplus

automount:  files
aliases:    files nisplus

ctdb.conf:

CTDB_RECOVERY_LOCK="/EDAPT/ctdb/CTDB_lock"
 CTDB_PUBLIC_INTERFACE=eth0
 CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
 CTDB_MANAGES_SAMBA=no
 CTDB_SAMBA_CHECK_PORTS="445"
 CTDB_MANAGES_WINBIND=no
 CTDB_INIT_STYLE=redhat
 CTDB_SERVICE_SMB=smb
 CTDB_SERVICE_WINBIND=winbind
  ulimit -n 10000
 CTDB_NODES=/etc/ctdb/nodes
 CTDB_DBDIR=/var/ctdb
 CTDB_DBDIR_PERSISTENT=/EDAPT/ctdb/persistent
 CTDB_EVENT_SCRIPT_DIR=/etc/ctdb/events.d
 CTDB_SOCKET=/tmp/ctdb.socket
 CTDB_TRANSPORT="tcp"
CTDB_LOGFILE=/var/log/log.ctdb
CTDB_DEBUGLEVEL=2

More information about the samba mailing list