[Samba] Domain member server: user access
Rowland Penny
rpenny at samba.org
Mon Oct 9 18:29:46 UTC 2017
On Mon, 9 Oct 2017 20:12:27 +0200
"Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:
> Am 2017-09-26 um 16:16 schrieb Rowland Penny via samba:
>
> > Very simple Stefan, there is a bug and a simple workaround, never
> > (not ever) run 'wbinfo -G 100' on a DC if you have given Domain
> > Users a gidNumber ;-)
>
> hit the same issue with a domain group today (DC and DM w/
> samba-4.6.8)
>
> Solution:
>
> net cache flush, recreate the group via samba-tool, and --gid-number
>
> before that the group had a gid of 3000013 and wasn't shown on the
> DM, even when the idmap range there was up to 9999999.
Unless you have done something strange like giving a group the
gidNumber '3000013', this is an xidNumber and isn't used anywhere
except on a DC. It is also probably one of the Well Known SIDs, so you
shouldn't remove and recreate one of these. Which leads us to the
obvious question, what was the group name ?
>
> Your reported bug still sits there unnoticed, right?
Not unnoticed, just not yet resolved ;-)
Rowland
More information about the samba
mailing list