[Samba] New AD user cannot access file share from member server

Viktor Trojanovic viktor at troja.ch
Mon Jun 19 13:35:52 UTC 2017


On 19 June 2017 at 15:22, Rowland Penny via samba <samba at lists.samba.org>
wrote:

> On Mon, 19 Jun 2017 15:08:45 +0200
> Viktor Trojanovic <viktor at troja.ch> wrote:
>
> > Not sure if it matters but here is the AD object of a user with no
> > issues:
> >
> > [root at GJSERVER ~]# ldbsearch -H /var/lib/samba/private/sam.ldb -b
> > 'ou=office,dc=samdom,dc=example,dc=ch' -s sub
> > "(&(objectclass=person)(samaccountname=jd))"
> > # record 1
> > dn: CN=John Doe,OU=OFFICE,DC=samdom,DC=example,DC=ch
> > objectClass: top
> > objectClass: person
> > objectClass: organizationalPerson
> > objectClass: user
> > cn: John Doe
> > sn: Doe
> > givenName: John
> > instanceType: 4
> > whenCreated: 20151228014125.0Z
> > displayName: John Doe
> > uSNCreated: 3788
> > name: John Doe
> > objectGUID: 15d6c679-5877-452d-a498-183f78d3fb39
> > badPwdCount: 0
> > codePage: 0
> > countryCode: 0
> > badPasswordTime: 0
> > lastLogoff: 0
> > primaryGroupID: 513
> > objectSid: S-1-5-21-4280320235-2980747731-3738778716-1105
> > accountExpires: 9223372036854775807
> > sAMAccountName: jd
> > sAMAccountType: 805306368
> > userPrincipalName: jd at samdom.example.ch
> > objectCategory:
> > CN=Person,CN=Schema,CN=Configuration,DC=samdom,DC=example ,DC=ch
> > userAccountControl: 512
> > uidNumber: 11001
> > msSFU30NisDomain: samdom
> > homeDirectory: \\fileserver\users\jd
> > homeDrive: P:
> > pwdLastSet: 131405963619168070
> > lastLogonTimestamp: 131420723196760820
> > whenChanged: 20170616073839.0Z
> > uSNChanged: 26797
> > lastLogon: 131423508299965620
> > logonCount: 1630
> > distinguishedName: CN=John Doe,OU=OFFICE,DC=samdom,DC=example,DC=ch
> >
> > Except for the fact that the attributes are not in the same order, I
> > can't seem to find a relevant difference.
> >
>
> That might be the problem, who did you create first?
> John Doe or Jane Doe?
>
> I only ask this because they both seem to have this:
>
> CN=John Doe,OU=OFFICE,DC=samdom,DC=example,DC=ch
> homeDirectory: \\fileserver\users\jd
>
> CN=Jane Doe,OU=OFFICE,DC=samdom,DC=example,DC=ch
> homeDirectory: \\fileserver\users\jd
>
> They both cannot own the users directory 'jd' or is this a sanitisation
> error?
>
>
Sanitisation error, sorry. All usernames and initials are unique.
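
An order-insensitive comparison of two ldbsearch records, the kind of check discussed in this message, written as an added example that is not part of the original thread. The second record's values and the MUST_BE_UNIQUE list are constructed assumptions, not the poster's data.

```python
from collections import defaultdict

# Assumed list: attributes that two distinct accounts should never share.
MUST_BE_UNIQUE = {"objectSid", "objectGUID", "sAMAccountName", "uidNumber", "homeDirectory"}

# Constructed sample in ldbsearch output format (not the poster's real data).
SAMPLE = r"""# record 1
dn: CN=John Doe,OU=OFFICE,DC=samdom,DC=example,DC=ch
objectClass: top
objectClass: user
sAMAccountName: jd
primaryGroupID: 513
uidNumber: 11001
homeDirectory: \\fileserver\users\jd

# record 2
dn: CN=Jane Doe,OU=OFFICE,DC=samdom,DC=example,DC=ch
objectClass: user
objectClass: top
sAMAccountName: jad
homeDirectory: \\fileserver\users\jd
primaryGroupID: 513
"""

def parse_records(text):
    """Parse LDIF-style text into a list of {attribute: set(values)} dicts."""
    records, current = [], None
    for line in text.splitlines():
        if not line.strip():                      # blank line ends a record
            current = None
        elif line.startswith("#"):                # "# record N" comments
            continue
        elif ":" in line:
            attr, _, value = line.partition(":")
            if current is None:
                current = defaultdict(set)
                records.append(current)
            current[attr].add(value.strip())      # sets make order irrelevant
    return records

def compare(a, b):
    """Return (only_in_a, only_in_b, differing, shared_but_should_be_unique)."""
    common = set(a) & set(b)
    return (sorted(set(a) - set(b)), sorted(set(b) - set(a)),
            sorted(k for k in common if a[k] != b[k]),
            sorted(k for k in common & MUST_BE_UNIQUE if a[k] & b[k]))

if __name__ == "__main__":
    john, jane = parse_records(SAMPLE)
    for label, attrs in zip(("only in 1", "only in 2", "differ", "shared"), compare(john, jane)):
        print(f"{label}: {attrs}")
```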

