[Samba] winbindd losing track of RFC2307 UIDs

Edson Tadeu Almeida da Silveira edson.tadeu at gmail.com
Thu Oct 6 12:09:57 UTC 2016 

Same smb.conf in both members, only change netbios name.


[global]
 netbios name = FS1
 realm = DOMAIN.LOCAL
 workgroup = DOMAIN
 security = ads
 idmap config * : backend = tdb
 idmap config * : range = 2000-9999
 idmap config DOMAIN : backend = rid
 idmap config DOMAIN : range = 10000-99999
#+
 username map = /var/lib/samba/user.map
#+
  winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = yes
        winbind expand groups = 4
        winbind refresh tickets = Yes
        winbind normalize names = Yes
#+
        dedicated keytab file = /etc/krb5.keytab
        kerberos method = secrets and keytab
#+
        domain master = no
        local master = no
        preferred master = no
#+
        vfs objects = acl_xattr
        map acl inherit = Yes
        store dos attributes = Yes
#+
        log level = 2 vfs:7 auth:2 passdb:2
#+
vfs objects = full_audit
        full_audit:facility = LOCAL7
        full_audit:priority = NOTICE
        full_audit:prefix = %u|%I|%m|%S
        full_audit:success = pread pwrite rename rmdir mkdir unlink chown
        full_audit:failure = none
#+
         veto files =
/*.lnk/*.bkf/*.pif/*.avi/*.vob/*.qic/*.pak/*.srt/*.vmx/autorun.inf/RECYCLER/*.cmd/*.{*}/
#+

[public]
        path = /dados/public
        read only = No


2016-10-06 9:03 GMT-03:00 Rowland Penny <rpenny at samba.org>:

> On Thu, 6 Oct 2016 08:42:41 -0300
> Edson Tadeu Almeida da Silveira via samba <samba at lists.samba.org> wrote:
>
> > This is what there is in winbindd_idmap.tdb of both members that i
> > have, whewre file server 2 is working well and file server 1 lose
> > winbind rfc track.
> >
> > #
> > # FILE SERVER 1 - PROBLEM
> > #
> > # tdbdump winbindd_idmap.tdb
> > {
> > key(9) = "USER HWM\00"
> > data(4) = "\D0\07\00\00"
> > }
> > {
> > key(10) = "GROUP HWM\00"
> > data(4) = "\D0\07\00\00"
> > }
> > {
> > key(14) = "IDMAP_VERSION\00"
> > data(4) = "\02\00\00\00"
> > }
> >
> >
> >
> > #
> > # FILE SERVER 2 - OK
> > #
> > # tdbdump winbindd_idmap.tdb
> > {
> > key(9) = "GID 2002\00"
> > data(9) = "S-1-5-11\00"
> > }
> > {
> > key(9) = "S-1-5-11\00"
> > data(9) = "GID 2002\00"
> > }
> > {
> > key(9) = "USER HWM\00"
> > data(4) = "\D0\07\00\00"
> > }
> > {
> > key(9) = "GID 2000\00"
> > data(8) = "S-1-1-0\00"
> > }
> > {
> > key(8) = "S-1-1-0\00"
> > data(9) = "GID 2000\00"
> > }
> > {
> > key(8) = "S-1-5-2\00"
> > data(9) = "GID 2001\00"
> > }
> > {
> > key(10) = "GROUP HWM\00"
> > data(4) = "\D3\07\00\00"
> > }
> > {
> > key(9) = "GID 2001\00"
> > data(8) = "S-1-5-2\00"
> > }
> > {
> > key(14) = "IDMAP_VERSION\00"
> > data(4) = "\02\00\00\00"
> > }
> >
>
> There doesn't seem to be anything wrong there, can you post the
> smb.conf from the domain member.
>
> Rowland
>



-- 

-------------------------------------------
Edson Tadeu Almeida Silveira
http://sites.google.com/site/edsontadeu/
-------------------------------------------

More information about the samba mailing list