[Samba] SSSD - inconsistent UIDs
peter at serbe.ch
Thu Sep 18 04:51:05 MDT 2014
I have to aplogize: I was confused by some bogus UIDs
in the getfacl output. What happens seems this:
I set an acl for a domain user, but in getfacl I don't
see it any more (may be there, or not). E.g.:
setfacl -m u:SAMDOM\\peter:rwx test.txt
# file: test.txt
# owner: 3000023
# group: users
There is a lot of bogus entries, which I didn't find a
way to remove. But that is a different story...
Peter Serbe schrieb am 18.09.2014 12:23:
> I followed the advice from Arun, with some mixed success.
> For a couple of days I had no success, while constantly
> seeing that 'getent passwd' did not list domain users, but
> # getent passwd administrator
> Finally I got 'getent passwd' working by adding
> enumerate = true
> to the sssd.conf file *). Apparently this is a bug in sssd,
> which may or may not occur. Maybe it would be a good idea,
> to add a hint to the wiki documentation, that this option
> might be a try when troubleshooting sssd.
> But now I see another strange thing: I did deleted my
> domain account and added again - but even after a series
> of rebooting setfacl uses the old uid. I did delete the
> SSSD cache at /var/lib/sss/db/, but this did not have any
> Are there any other places, where I should delete something?
> Do I need to disable the idmap_ldb:use rfc2307 entry in
> smb.conf? Or would it be best to reprovision samba and
> start all over?
> Thank You in advance!
> *) got it from here:
> Arun Khan schrieb am 09.09.2014 21:55:
>> On Tue, Sep 9, 2014 at 8:04 AM, Peter Serbe <peter at serbe.ch> wrote:
>>> The reason can be found in the nslcd.conf
>>> map passwd uid sAMAccountName
>> Suggest use sssd in place of nslcd. I have posted a copy of my
>> sssd.conf that binds to LDAP (Samba4) in a post.
>> -- Arun Khan
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba