[Samba] Samba fileserver member corrupt smb.ldb after joining 4.8.4 Samba DC

Waishon waishon009 at gmail.com
Fri Aug 24 21:53:14 UTC 2018


Hi again,

sorry for spaming ;)

wbinfo -U shows on the second machine only:
root at FS/# wbinfo -U 0
failed to call wbcUidToSid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert uid 0 to sid

On the other machine it returns the correct SID.

Maybe that's a decent hint what went wrong?

Am Freitag, 24. August 2018 schrieb Waishon :

> Hi again,
>
> I think I found out something interesting:
> When running "ntacl get" with debug = 10, I get the following output on
> the machine where it works:
>
> posix_get_nt_acl: called for file /srv/profiles/
> Opening cache file at /var/cache/samba/gencache.tdb
> Opening cache file at /var/run/samba/gencache_notrans.tdb
> uid 0 -> sid S-1-22-1-0 <12210>
> gid 100513 -> sid S-1-5-21-3981408749-3007518722-157077061-513
> canonicalise_acl: Access ace entries before arrange :
>
> And this is the output when it won't work:
>
> Opening cache file at /var/cache/samba/gencache.tdb
>
> Opening cache file at /var/run/samba/gencache_notrans.tdb
>
> uid_to_sid: winbind failed to find a sid for uid 0
>
> Attempting to register passdb backend smbpasswd
>
> So it seems that winbind isn't able to find a matching group for the uid 0
> (root). Why is this the case?
>
> wbinfo --uid-info=0 show on both systems the same output:
>
> failed to call wbcGetpwuid: WBC_ERR_DOMAIN_NOT_FOUND
>
> Could not get info for uid 0
>
>
> Maybe that helps to find where the issue is?
>
> Am Freitag, 24. August 2018 schrieb Waishon :
>
>> Hi,
>>
>> yes I get exactly this output.
>>
>> And I've read the Wiki. As mentioned before it worked already. That's the
>> strange thing :)
>>
>> Am Freitag, 24. August 2018 schrieb Rowland Penny via samba :
>>
>>> On Fri, 24 Aug 2018 22:06:01 +0200
>>> Waishon <waishon009 at gmail.com> wrote:
>>>
>>> > Hi,
>>> >
>>> > thanks for your suggestions. Do you think this is causes the
>>> > stacktrace above? . I just added "REALM" as a placeholder and it
>>> > worked on a DC that was provisioned using Samba 4.7.3 and upgraded
>>> > afterwards to Samba 4.8.4 absolutely fine with this config and the
>>> > command "samba-tool ntacl get /srv/profiles" returns the correct ACLs
>>> > of this directory.
>>> >
>>> > When I interprete this correctly it seems that the Fileserver is
>>> > unable to find the DomainSID. Normally the command "ntacl get" should
>>> > return the ACLs and not that stacktrace, should'nt it :).
>>> >
>>>
>>> Does 'wbinfo -D SAMDOM'
>>> Return something like this:
>>>
>>> Name              : SAMDOM
>>> Alt_Name          : samdom.example.com
>>> SID               : S-1-5-21-1768301897-3342589593-1064908849
>>> Active Directory  : Yes
>>> Native            : Yes
>>> Primary           : Yes
>>>
>>> Also have you read this:
>>>
>>> https://wiki.samba.org/index.php/Roaming_Windows_User_Profiles
>>>
>>> Rowland
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>


More information about the samba mailing list