[Samba] samba 4 joining samba 3 pdc - group mismatch

Ethy H. Brito ethy.brito at inexo.com.br
Thu May 3 18:55:47 UTC 2018 

On Thu, 3 May 2018 19:18:45 +0100
Rowland Penny via samba <samba at lists.samba.org> wrote:

> On Thu, 3 May 2018 14:59:18 -0300
> "Ethy H. Brito via samba" <samba at lists.samba.org> wrote:
> 
> > I run the pdbedit command.
> > I got a lage amount of users (and groups). 
> > The admin of the S3 server deleted (userdel) 75 users and these are
> > still listed by pdbedit. How do I get rid os them??
> > 
> > I think you may be mistaken (or I did not fully understood your
> > affirmation). These "no such user" users were deleted from Linux with
> > "userdel -r"  and are ghosts in Samba.
> > I just tried to remove them (smbpasswd -x) them but got "Failed to
> > delete entry for user XXXX"
> > How do I get rid of these ghosts?  
> 
> The OS stores users in /etc/passwd and userdel removes these, but there
> are also Samba users and you need to run 'smbpasswd -x username' to
> remove these.

You may missed my comment above. I did try 'smbpasswd -x <USERNAME>'.
I get "Failed to delete entry for user <USERNAME>".

> 
> > > what is your rsync command ?  
> > 
> > for i in D1 D2 D3 D4 ; do 
> >         echo
> >         echo "SYNC'ing $i";
> >         echo
> >         /usr/bin/rsync -av S3:/var/samba/$i /home; 
> > done
> > 
> >   
> > > I ask this because if I rsync a file from my pc (rowland, 10000, ad
> > > backend) to a another pc (rowland, 11107, rid backend), ls -la shows
> > > the owner as 'rowland'  
> > 
> > Maybe you mounted the remote server locally. Didn't you?  
> 
> My rsync command was much the same as yours (just added 'z') and I
> didn't mount anything, which leads to the next question, are you
> mounting anything ?

Not at all.

But I have to apologize thousand times to you.
I did not check the files rsync copied *after* the modifications you said.

While we where talking, rsync copied the files at least twice and corrected the
whole thing. The files and directories permissions and ownership are ok.
I can now list them with correct names.

Sorry for the noise.

So! What is not working?

jgarcia user is a member of UNIX group G1 at S3. 

S3# grep "G1.*jgarcia" /etc/group
G1:x:1119:jgarcia

I have this share at S4:

[snapshots]
   comment = snapshots
   path = /var/snapshots
   browseable = no
   read only = yes
   valid users = @G1

jgarcia is given NT_STATUS_ACCESS_DENIED.
If I change "valid users" to "@G1 jgarcia" *or* create a (local to S4) G1 group
the logs in.

How to debug this error?

Ethy

More information about the samba mailing list