[Samba] How shall I fix the multiple uidNumbers

Gaiseric Vandal gaiseric.vandal at gmail.com
Sun Jun 13 15:44:29 MDT 2010 

Does smbldap-populate create an samba account for all users in /etc/passwd?
I can't see why it would need a root account.  But I have never used
smbldap-populate  (I mostly used custom scripts to migrate data.)    I would
delete the root entry in ldap to see what happens.    Just be prepared to
restore it quickly if it breaks something.  

I am guessing that it didn't create a group with gid 0.  I would expect that
warning to go away once you delete the samba/ldap root account. 

Is this samba 3.x or 4.x?  

-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
On Behalf Of Alex Domoradov
Sent: Sunday, June 13, 2010 4:52 PM
To: samba at lists.samba.org
Subject: Re: [Samba] How shall I fix the multiple uidNumbers

> From: "Gaiseric Vandal" <gaiseric.vandal at gmail.com>
> To: <samba at lists.samba.org>
> Date: Sat, 12 Jun 2010 17:18:02 -0400
> Subject: Re: [Samba] How shall I fix the multiple uidNumbers
> Do you even need root in ldap?
>
That is the very thing I'd like to find out ;)

Root should be in /etc/passwd, I don't see why you need it in LDAP as well
> unless root is also a samba account.  Which I don't think you would need.
>
>
But at the same time I see the following message in my samba log

[2010/06/11 10:22:36,  3] lib/util_sid.c:228(string_to_sid)
  string_to_sid: Sid root does not start with 'S-'.

[2010/06/11 10:22:36,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: root

[2010/06/11 10:22:36,  3] passdb/pdb_ldap.c:5191(ldapsam_gid_to_sid)
  ERROR: Got 0 entries for gid 0, expected one

Should I ignore this error?

The user root with uid/gid 0 was created automatically with command from
smbldap-tools

# smbldap-populate

Shell I delete them manually? I have already created the user and granted
him all the privileges

# id w3da
uid=1339(w3da) gid=512(Domain Admins) groups=512(Domain Admins)

# net rpc rights list accounts w3da
Enter root's password:
SeMachineAccountPrivilege
SeTakeOwnershipPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeRemoteShutdownPrivilege
SePrintOperatorPrivilege
SeAddUsersPrivilege
SeDiskOperatorPrivilege
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list