[Samba] Problem with one User after upgrade to 4.5.0
Paul R. Ganci
ganci at nurdog.com
Sun Oct 9 07:58:00 UTC 2016
Well I upgraded from 4.4.6 to 4.5.0 and discovered that one of my user
accounts is completely borked. What is very strange is that everything
in Samba looks okay. Here is the first problem symptom. The data is from
the DC.
total 80
drwxr-xr-x. 7 root root 4096 Oct 9
01:15 .
drwx------+ 77 SAMDOM\prg-11868bg SAMDOM\domain users 20480 Oct 9
00:55 prg-11868bg
drwx------+ 39 3001108 SAMDOM\domain users 4096 Oct 9
00:30 sln-11868bg
Note that the directory sln-11868bg is owned by 3001108 instead of
SAMDOM\sln-11868bg. But everything seems like it should be correct. For
example:
> getent passwd sln-11868bg
SAMDOM\sln-11868bg:*:3001108:3000513:John Q.
Public:/home/sln-11868bg:/bin/bash
> samba-tool user list
sln-11868bg
Administrator
prg-11868bg
krbtgt
Guest
> wbinfo -n sln-11868bg
S-1-5-21-729452656-3029571206-2736118167-1143 SID_USER (1)
> wbinfo --sid-to-uid S-1-5-21-729452656-3029571206-2736118167-1143
3001108
>ldbedit -H /var/lib/samba/private/idmap.ldb
# record 16
dn: CN=S-1-5-21-729452656-3029571206-2736118167-1143
cn: S-1-5-21-729452656-3029571206-2736118167-1143
objectClass: sidMap
objectSid: S-1-5-21-729452656-3029571206-2736118167-1143
type: ID_TYPE_BOTH
xidNumber: 3000062
distinguishedName: CN=S-1-5-21-729452656-3029571206-2736118167-1143
>ldbedit -H /var/lib/samba/private/sam.ldb (sanitized the record by
changing addresses, telephone numbers and names)
# record 274
dn: CN=John Q. Public,CN=Users,DC=samdom,DC=example,DC=com
sn: Public
c: US
l: Some City
st: InSomeState
postalCode: 88888
givenName: John
instanceType: 4
whenCreated: 20141220195750.0Z
uSNCreated: 5115
co: United States
company: SAMDOM
objectGUID: 2770b5ca-f2e7-43bc-9a47-833ce384c564
badPwdCount: 0
codePage: 0
countryCode: 840
homeDirectory: \\nikita\home\sln-11868bg
homeDrive: H:
badPasswordTime: 0
lastLogoff: 0
primaryGroupID: 513
objectSid: S-1-5-21-729452656-3029571206-2736118167-1143
accountExpires: 9223372036854775807
sAMAccountName: sln-11868bg
sAMAccountType: 805306368
userPrincipalName: sln-11868bg at samdom.example.com
userAccountControl: 66048
memberOf: CN=Roaming Profiles and Folder Redirection
Users,OU=SAMDOMOU,DC=samd
om,DC=example,DC=com
cn: John Q. Public
name: John Q. Public
streetAddress: 478 Some St.
initials: Q
displayName: John Q. Public
gidNumber: 3000513
lockoutTime: 0
loginShell: /bin/bash
mail: sPublic at example.com
mobile: (555)555-5555
msDS-SupportedEncryptionTypes: 0
telephoneNumber: (555)555-5555
title: The Bigger Boss
uidNumber: 3001108
unixHomeDirectory: /home/sln-11868bg
objectClass: top
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=co
m
profilePath: \\nikita\home\Profiles\sln-11868bg
pwdLastSet: 131111097150000000
lastLogonTimestamp: 131203623889809690
whenChanged: 20161008010628.0Z
uSNChanged: 5656
lastLogon: 131204700204284310
logonCount: 16
distinguishedName: CN=John Q. Public,CN=Users,DC=samdom,DC=example,DC=com
Why is the owner showing up as the uidNumber 3001108 and not mapped to
SAMDOM\sln-11868bg? I am desperate as my wife's Profile and Home
directory can no longer be accessed. I am my wits end on this one. I see
no reason why there should be an issue with this one account and my
account and the Administrator's accounts are fine. Any suggestions?
--
Paul (ganci at example.com)
Cell: (303)257-5208
More information about the samba
mailing list