[Samba] User home directory UID:GID incorrect on VM Samba 4 AD client

[steve]

On Tue, 2013-10-22 at 01:05 -0600, Paul R. Ganci wrote:
> On 10/22/2013 12:43 AM, Paul R. Ganci wrote:
> > I have a problem that has me completely perplexed. <snip> on the 
> > CentOS guest on the 2950iii which provides the samba 4 AD server the 
> > domain user's home directory UID:GID are coming up as "nobody:nobody" 
> > instead of "username:domain users".
> I forgot a critical piece of information. The VM also worked perfectly 
> as of Friday, October 18, 2013. That evening I updated my CentOS 6.4 on 
> all my Linux boxes. That included updating from sernet-samba-4.0.9-5 to 
> sernet-samba-4.0.10-5. I thought the issue was the version of samba so I 
> immediately downgraded back to sernet-samba-4.0.9-5. However the problem 
> on the VM persisted after moving back to sernet-samba-4.0.9-5. Therefore 
> I am not sure what might have changed to break the VM box. All other 
> Linux/Window boxes seem to be perfectly content with 
> sernet-samba-4.0.10-5. That is why I am wondering if it might have 
> something to do with the VM and having done an update to the VM CentOS 
> 6.4 OS ... maybe something was reset?

smb.conf
remove:
idmap_ldb:use rfc2307 = yes

and you need a keytab, so add:
kerberos method = system keytab

before you do the rejoin below.

The rid db is wrong after the upgrade. Leave the domain, then delete all
the tdb's (I think they're in /var/lib/samba on CentOS). Then rejoin.

I would _strongly_ advise switching to the ad backend and storing
everything in the same place: AD. Problems like this then just go away.

If you really must use nfs then ignore the following:
Now export using cifs:
auto.home
* -fstype=cifs,sec=krb5,multiuser,username=VMMACHINEKEY
$ ://the.share.for.home/&

HTH
Steve