[Samba] posixAccount objectClass

Andreas Gaiser/L info at multifake.net
Sat Feb 23 09:38:28 MST 2013

Hi fellow list users,

I'm setting up a 4.0.3 DC and I am observing the following issue:

- nsswitch.conf contains winbind for passwd and group
- provisioned with use_rfc2307
- creating user with ADUC
- creating group
- adding Unix Attributes to user and group
- 1st part of issue: ADUC throws error message (translated from German
XP: "The object properties of the object could not be changed. [4 more
line of misleading information about possible networking issues]")
- but nevertheless it adds a Unix userID which is displayed when opening
the object properties/Unix Attributes tab again
- 2nd part of issue: winbind on the DC itself does not respect the
uidNumber attribute, though it's visible with an LDAP client (Apache
DS), checked with wbinfo -i and with getent passwd
- taking a closer look at the object, I find the objectClass
(posixAccount) missing
- adding posixAccount as objectClass (I have to click through a warning
and reject creating an ntSecurityDescriptor attribute) winbind suddenly
used the uidNumber Attribute

Is there something I miss or is this to be considered a bug?


Andreas Gaiser, Berlin, Germany

More information about the samba mailing list