[Samba] objectclass "posixAccount" missing on new created users

thom_schu at gmx.de thom_schu at gmx.de
Thu Aug 17 07:39:07 UTC 2017

I made an upgrade from sernet-samba 4.3.11 to sernet-samba 4.6.7.
With samba 4.3.11 all created users contained the objectclass "posixAccount".
With samba 4.6.7 they don't.

We have a NetApp-Storage-Server which exports nfs4-mounts (with kerberos).
Yesterday I wanted to change the owner of a directory and "chown" threw an error "invalid argument".
It was the new created user which the NetApp didnt want to accept and caused that error.

So the NetApp accepts only users which derive from "posixAccount".

The parameter "idmap_ldb:use rfc2307 = yes" is set in smb.conf.
"ldbsearch .. CN=ypservers,.." returns one record.

With "ldbmodify add ..." I can add the objectclass "posixAccount", but is this the right way ?

2 more informations about our enviroment:
- User-authentication on all linux-clients is based on sssd.

- users here have 2 homedirectories, one comes from a central server and is exported
via nfsv3 and another one from our department.
When I create a new user, I have to set uidNumber and gidNumber which I get from the central
account so that the users have also access of the central homedirectory which is also mounted
on our clients.


More information about the samba mailing list