[Samba] What exactly is this?
gaiseric.vandal at gmail.com
Mon Dec 29 06:49:08 MST 2014
I have seen this in a few cases.
On my domain controllers I created some unix groups to correspond to
some of the well known built-in Windows groups, and then created group
mappings. I thinks the winbind warnings on the domain controllers
didn't really matter. The domain controllers use LDAP backend so
winbind was not critical.
net groupmap add sid=S-1-5-32-544 unixgroup=smb_admin type=builtin
net groupmap add sid=S-1-5-32-545 unixgroup=smb_users type=builtin
net groupmap add sid=S-1-5-32-546 unixgroup=smb_gueststype=builtin
I was recently setting up a member server, and in this case winbind was
in smb.conf I had an idmapping entry for my domain
idmap config MYDOMAIN : backend = nss
idmap config MYDOMAIN : range = 100-300
but winbind was getting stuck on the builtin groups. Once I added
idmap config * : backend = tdb
idmap config * : range = 5000-6000
winbind could allocate uids and gids for the built groups and then move
on to allocating uids and gids for the domain.
Per MS some of the well known builtin groups are
BUILTIN\ACCOUNT OPERATORS S-1-5-32-548
BUILTIN\SERVER OPERATORS S-1-5-32-549
BUILTIN\PRINT OPERATORS S-1-5-32-550
BUILTIN\BACKUP OPERATORS S-1-5-32-551
On 12/24/14 14:11, Chris Nighswonger wrote:
> Could someone comment on whether or not this "WARNING" is valid?
> [2014/12/24 14:02:46.078767, 2]
> WARNING: Failed to create BUILTIN\Users group! Can Winbind allocate gids?
> My Samba DC has been working fine for the past couple of years even with
> this in the logs, but curiosity has gotten the better of me at this point.
> Google seems to indicate that others have wondered about this same
> question, but never received an answer.
> System info:
> root at biblios:/var/lib/samba/netlogon# lsb_release -a
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description: Ubuntu 13.04
> Release: 13.04
> Codename: raring
> root at biblios:/var/lib/samba/netlogon# nmbd -V
> Version 3.6.9
> root at biblios:/var/lib/samba/netlogon# smbd -V
> Version 3.6.9
> root at biblios:/var/lib/samba/netlogon# slapd -V
> @(#) $OpenLDAP: slapd (Jun 20 2013 17:11:18) $
> buildd at allspice:/build/buildd/openldap-2.4.31/debian/build/servers/slapd
> Samba log level = 2
More information about the samba