[Samba] ldbedit: no matching records - cannot edit (newly-created user)
Rowland Penny
rowlandpenny241155 at gmail.com
Thu Sep 10 15:20:35 UTC 2015
On 10/09/15 15:05, Jim Seymour wrote:
> Hi,
>
> This doc (and another like it)
>
> http://www.blackhole-networks.com/Cheatsheets/Samba4Map/
>
> Says
>
> samba-tool user add <username>
> wbinfo --name-to-sid <username>
> ldbedit -e <editor> -H <path-to-idmap.ldb> objectsid=<SID>
>
> To create a user and get the UID in Samba to match the *nix UID.
>
> Yet, when I do that (the ldbedit), I get back: "no matching records -
> cannot edit"
>
> Or is there a better way?
>
> N.B.: This is the second time creating a test user for
> experimentation. The first time I did it: At some point the "missing"
> record suddenly appeared. I deleted the user in order to start all
> over again, and the above issue reoccurs.
>
> Regards,
> Jim
Hmm, works for me:
root at dc01:~# wbinfo --name-to-sid rowland
S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106 SID_USER (1)
root at dc01:~# ldbedit -e nano -H /var/lib/samba/private/idmap.ldb
objectsid=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
# editing 1 records
# record 1
dn: CN=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
cn: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
objectClass: sidMap
objectSid: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
type: ID_TYPE_BOTH
xidNumber: 3000021
distinguishedName: CN=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106
If you only require the contents of the xidNumber attribute, you could
try this:
ldbsearch -H /var/lib/samba/private/idmap.ldb
'(&(objectclass=sidMap)(objectSid=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-1106))'
| grep 'xidNumber' | awk '{print $NF}'
Which when I run it, returns:
3000021
What I cannot understand is, why you cannot find the user ? I take it
you are running the commands on the DC.
Rowland
More information about the samba
mailing list