[Samba] Problem with one User after upgrade to 4.5.0

Paul R. Ganci ganci at nurdog.com
Sun Oct 9 07:58:00 UTC 2016 

Well I upgraded from 4.4.6 to 4.5.0 and discovered that one of my user 
accounts is completely borked. What is very strange is that everything 
in Samba looks okay. Here is the first problem symptom. The data is from 
the DC.

total 80
drwxr-xr-x.  7 root                   root                 4096 Oct 9 
01:15 .
drwx------+ 77 SAMDOM\prg-11868bg     SAMDOM\domain users 20480 Oct 9 
00:55 prg-11868bg
drwx------+ 39                3001108 SAMDOM\domain users  4096 Oct 9 
00:30 sln-11868bg

Note that the directory sln-11868bg is owned by 3001108 instead of 
SAMDOM\sln-11868bg. But everything seems like it should be correct. For 
example:

 > getent passwd sln-11868bg
SAMDOM\sln-11868bg:*:3001108:3000513:John Q. 
Public:/home/sln-11868bg:/bin/bash


 > samba-tool user list
sln-11868bg
Administrator
prg-11868bg
krbtgt
Guest

 > wbinfo -n sln-11868bg
S-1-5-21-729452656-3029571206-2736118167-1143 SID_USER (1)

 > wbinfo --sid-to-uid S-1-5-21-729452656-3029571206-2736118167-1143
3001108

 >ldbedit -H /var/lib/samba/private/idmap.ldb
# record 16
dn: CN=S-1-5-21-729452656-3029571206-2736118167-1143
cn: S-1-5-21-729452656-3029571206-2736118167-1143
objectClass: sidMap
objectSid: S-1-5-21-729452656-3029571206-2736118167-1143
type: ID_TYPE_BOTH
xidNumber: 3000062
distinguishedName: CN=S-1-5-21-729452656-3029571206-2736118167-1143

 >ldbedit -H /var/lib/samba/private/sam.ldb (sanitized the record by 
changing addresses, telephone numbers and names)
# record 274
dn: CN=John Q. Public,CN=Users,DC=samdom,DC=example,DC=com
sn: Public
c: US
l: Some City
st: InSomeState
postalCode: 88888
givenName: John
instanceType: 4
whenCreated: 20141220195750.0Z
uSNCreated: 5115
co: United States
company: SAMDOM
objectGUID: 2770b5ca-f2e7-43bc-9a47-833ce384c564
badPwdCount: 0
codePage: 0
countryCode: 840
homeDirectory: \\nikita\home\sln-11868bg
homeDrive: H:
badPasswordTime: 0
lastLogoff: 0
primaryGroupID: 513
objectSid: S-1-5-21-729452656-3029571206-2736118167-1143
accountExpires: 9223372036854775807
sAMAccountName: sln-11868bg
sAMAccountType: 805306368
userPrincipalName: sln-11868bg at samdom.example.com
userAccountControl: 66048
memberOf: CN=Roaming Profiles and Folder Redirection 
Users,OU=SAMDOMOU,DC=samd
  om,DC=example,DC=com
cn: John Q. Public
name: John Q. Public
streetAddress: 478 Some St.
initials: Q
displayName: John Q. Public
gidNumber: 3000513
lockoutTime: 0
loginShell: /bin/bash
mail: sPublic at example.com
mobile: (555)555-5555
msDS-SupportedEncryptionTypes: 0
telephoneNumber: (555)555-5555
title: The Bigger Boss
uidNumber: 3001108
unixHomeDirectory: /home/sln-11868bg
objectClass: top
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectCategory: 
CN=Person,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=co
  m
profilePath: \\nikita\home\Profiles\sln-11868bg
pwdLastSet: 131111097150000000
lastLogonTimestamp: 131203623889809690
whenChanged: 20161008010628.0Z
uSNChanged: 5656
lastLogon: 131204700204284310
logonCount: 16
distinguishedName: CN=John Q. Public,CN=Users,DC=samdom,DC=example,DC=com

Why is the owner showing up as the uidNumber 3001108 and not mapped to 
SAMDOM\sln-11868bg? I am desperate as my wife's Profile and Home 
directory can no longer be accessed. I am my wits end on this one. I see 
no reason why there should be an issue with this one account and my 
account and the Administrator's accounts are fine. Any suggestions?


-- 
Paul (ganci at example.com)
Cell: (303)257-5208

More information about the samba mailing list