[Samba] ldbedit: no matching records - cannot edit (newly-created user)

Rowland Penny rowlandpenny241155 at gmail.com
Thu Sep 10 15:20:35 UTC 2015

On 10/09/15 15:05, Jim Seymour wrote:
> Hi,
> This doc (and another like it)
>      http://www.blackhole-networks.com/Cheatsheets/Samba4Map/
> Says
>      samba-tool user add <username>
>      wbinfo --name-to-sid <username>
>      ldbedit -e <editor> -H <path-to-idmap.ldb> objectsid=<SID>
> To create a user and get the UID in Samba to match the *nix UID.
> Yet, when I do that (the ldbedit), I get back: "no matching records -
> cannot edit"
> Or is there a better way?
> N.B.: This is the second time creating a test user for
> experimentation.  The first time I did it: At some point the "missing"
> record suddenly appeared.  I deleted the user in order to start all
> over again, and the above issue reoccurs.
> Regards,
> Jim

Hmm, works for me:

root at dc01:~# wbinfo --name-to-sid rowland
S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106 SID_USER (1)
root at dc01:~# ldbedit -e nano -H /var/lib/samba/private/idmap.ldb 

# editing 1 records
# record 1
dn: CN=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
cn: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
objectClass: sidMap
objectSid: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
xidNumber: 3000021
distinguishedName: CN=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106

If you only require the contents of the xidNumber attribute, you could 
try this:

ldbsearch -H /var/lib/samba/private/idmap.ldb 
| grep 'xidNumber' | awk '{print $NF}'

Which when I run it, returns:


What I cannot understand is, why you cannot find the user ? I take it 
you are running the commands on the DC.


More information about the samba mailing list