[Samba] getent problems with new Samba version
Rowland Penny
rpenny at samba.org
Thu Jan 26 09:56:10 UTC 2017
On Thu, 26 Jan 2017 02:35:43 -0500
Mark Foley via samba <samba at lists.samba.org> wrote:
> on Wed, 25 Jan 2017 20:15:49 -0500 Gaiseric Vandal wrote:
>
> > Would "testparm -v" show you the path of all the files used ? Are
> > there any idmap settings?
>
> Gaiseric, thanks for your response. the `testparm -v` gave me:
>
> private dir = /var/lib/samba/private
>
> So, I guess that means the sam.ldb in that directory is the one being
> used, not the one in /etc/samba/private. That helps. Thanks for
> that tip. The newer Samba 4.4.8 must have somehow been smart enough
> to find the 4.2.12 sam.ldb in /etc/samba/private and copy it over to
> the new location because there was no /var/lib/samba/private with my
> 4.2.12, and the contents of both sam.ldb's is the same including
> changes I made.
No, I would say it is dumb enough to try, just who thought it was a
good idea to do this ?
If you read the slackware file 'doinst.sh', there is this:
# Since /etc/samba/private/ has moved to /var/lib/samba/private, migrate any
# important files if possible:
if [ -d etc/samba/private -a -d var/lib/samba/private ]; then
for file in etc/samba/private/* ; do
if [ -r "$file" -a ! -r "var/lib/samba/private/$(basename $file)" ]; then
mv "$file" var/lib/samba/private
fi
done
# Might as well try to eliminate this directory, since it should be empty:
rmdir etc/samba/private 1> /dev/null 2> /dev/null
fi
Now on the face of it, this should work, but I cannot see anywhere that
Samba was stopped before moving the files. There is also the problem
that the paths do not start with '/'
I created a simple test script:
#!/bin/sh
if [ -d usr/local/samba ]; then
echo "/usr/local/samba exists"
else
echo "not found"
fi
exit 0
Made it executable and ran it and got 'not found'
Altered the test script by adding '/' to the front of the path and ran
the script again and got '/usr/local/samba exists'
>
> > It looks like the newer version is using winbind to allocate uid's
> > (based on the high ID numbers.) Maybe because it does not see uid's
> > already allocated.
What does 'samba -b' show for 'PRIVATE_DIR' ?
>
> /var/lib/samba/private/sam.ldb, /etc/samba/private/sam.ldb and
> RSAT/ADUC all show the "correct" UID:GIDs for users, for example
> 10001:10000.
>
> So, if Samba 4.4.8 "is using winbind to allocate uid's", how can I
> make it stop that and use the ids actually configured in sam.ldb?
> That's the question, basically: why is windbind (or whatever)
> arbitrarily generating UID:GIDs instead of using the configured ids?
> You are likely right on this too. As Rowland Penny wrote on
> 10/11/2015 17:15, "wbinfo goes straight to winbind, which goes to
> where you have told it to. getent goes via nssswitch, ...". and
> wbinfo still returns:
When I said that, I meant how Samba was configured would tell winbind
where to look.
Have you tried checking in AD with ldbsearch or ldbedit for the actual
records ?
Rowland
More information about the samba
mailing list