[Samba] Samba ADS-member-server: FQDNs in /etc/hosts

Rowland Penny rpenny at samba.org
Wed Jul 12 07:20:07 UTC 2017


On Wed, 12 Jul 2017 08:25:37 +0200
"Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:

> Am 2017-07-11 um 18:34 schrieb Stefan G. Weichinger via samba:
> > Am 2017-07-11 um 17:59 schrieb Rowland Penny:
> > 
> >>> One user gets displayed as "administrator" in smbstatus although
> >>> he is named differently. Other users on other PCs are mapped
> >>> correctly and files are created correctly (= get correct owner
> >>> and group in linux fs).
> 
> --
> 
> >> Try running 'net cache flush'
> > 
> > did that on both DC and DM, no change so far.
> 
> good morning all (at least here it is morning)
> 
> That one domain user is shown as "administrator" again in smbstatus.
> Hm, I would like to iron that out.
> 
> Can I provide some strange ldap-query or so to find out the reasons?

Probably, but for a user to become administrator is strange, is the
user mapped to Administrator in a user map on the samba machine ?
What uidNumber does the user have ?
You could try examining the users object in AD to see if anything
looks strange.
 
> 
> 
> > tmrw issues on my list:
> > 
> > * some GPO-issues:
> > 
> > # samba-tool dbcheck
> > Checking 445 objects
> > NOTE: old (due to rename or delete) DN string component for
> > lastKnownParent in object
> > CN=User\0ADEL:c5644e95-616a-4897-bea7-45c909d93dc2,CN=Deleted
> > Objects,DC=secret,DC=at -
> > <GUID=f1278d7d-87c4-47b7-adf5-663d457026db>;CN={B21C7A4C-E611-460F-BC81-1BBDEC8C9053},CN=Policies,CN=System,DC=secret,DC=at
> > Not fixing old string component
> > NOTE: old (due to rename or delete) DN string component for
> > lastKnownParent in object
> > CN=Machine\0ADEL:3eccdc20-3d40-4c3d-a0fe-b5fa4dcc2c3c,CN=Deleted
> > Objects,DC=secret,DC=at -
> > <GUID=63de1753-994f-466a-9dd1-9dcf90910ffd>;CN={479204EF-EF2E-4C1B-9E3E-1B50149D578B},CN=Policies,CN=System,DC=secret,DC=at
> > Not fixing old string component
> > NOTE: old (due to rename or delete) DN string component for
> > lastKnownParent in object
> > CN=User\0ADEL:ef18debc-895a-4599-952d-a0bf302d2914,CN=Deleted
> > Objects,DC=secret,DC=at -
> > <GUID=63de1753-994f-466a-9dd1-9dcf90910ffd>;CN={479204EF-EF2E-4C1B-9E3E-1B50149D578B},CN=Policies,CN=System,DC=secret,DC=at
> > Not fixing old string component
> > NOTE: old (due to rename or delete) DN string component for
> > lastKnownParent in object
> > CN=Machine\0ADEL:f4336c47-c82e-477e-a5b6-fe7bf24ac07e,CN=Deleted
> > Objects,DC=secret,DC=at -
> > <GUID=f1278d7d-87c4-47b7-adf5-663d457026db>;CN={B21C7A4C-E611-460F-BC81-1BBDEC8C9053},CN=Policies,CN=System,DC=secret,DC=at
> > Not fixing old string component
> > Checked 445 objects (0 errors)
> 
> Do I have to fix that? how?

Short answer: No, cannot
Long answer: No, because they are deleted objects and will eventually
go away (after 180 days)
 
Rowland





More information about the samba mailing list