[Samba] Winbind issue after upgrading from 4.7.5 to 4.8.3

miguel.sanders.external at arcelormittal.com miguel.sanders.external at arcelormittal.com
Mon Aug 6 12:38:33 UTC 2018

Hi guys

We recently upgraded our Samba clusters from 4.7.5 to 4.8.3 and noticed 
a difference in behavior for winbind.
The situation is as follows
Assume we have a local Linux user XYZ (UID 519) as well as a AD user 
object XYZ (UID 30001).
     idmap config * : backend = tdb2
     idmap config * : range = 30000-50000

In our share definitions we regularly use the "force user" directive.
In 4.8.3, when using "force user = XYZ", we are forcing the UID of the 
AD user object XYZ (UID 30001) and not the local Linux user XYZ (UID 519).
In 4.7.5 this worked fine.
Is this change intentional or a defect?

Moreover, when running "id XYZ", the correct UID 519 is given.
The groups, however, are a mix of local groups and AD groups. This 
behavior was also different in 4.7.5.

# id XYZ
uid=519(XYZ) gid=1(bin) groups=1(bin),30004(DOSIM000+domain users)
# id xyz
uid=30001(DOMAIN+XYZ) gid=30004(DOSIM000+domain users)

# id XYZ
uid=519(XYZ) gid=1(bin) groups=1(bin)
# id xyz
id: ‘xyz’: no such user

Thanks for your help

Met vriendelijke groeten
Best regards

*Miguel Sanders*
ArcelorMittal Europe – Flat Products – Business Division North

External collaborator | Midrange UNIX
John Kennedylaan 51 B-9042 Gent
*T* +32 9 347 52 78
*E* gen-sid-ism-cbi-sig at arcelormittal.com
*E* miguel.sanders.external at arcelormittal.com

More information about the samba mailing list