[Samba] chown: changing ownership of 'test': Invalid argument
Ian Coetzee
samba at iancoetzee.za.net
Wed Apr 10 10:13:07 UTC 2019
Hi Roland
On Wed, 10 Apr 2019 at 12:00, Rowland Penny <rpenny at samba.org> wrote:
> On Wed, 10 Apr 2019 11:41:52 +0200
> Ian Coetzee <samba at iancoetzee.za.net> wrote:
>
> > Ho Roland,
> >
> > Replies inline
> >
> > >
> > > > The only user I have is the jeadmin user which is the domain
> > > > admin as well as a local admin user.
> > >
> > > ER, no, that would be 'Administrator', is 'jeadmin' a member of
> > > 'Administrators', 'Domain Admins' or some other such administration
> > > group ?
> > >
> >
> > We have a group policy that renames Administrator to jeadmin
>
> OK, then where ever you see 'Administrator' on the Samba wiki etc,
> replace it with 'jeadmin'
>
Yup. I also normally log into the AD as myself which is part of the Domain
Admins group
>
> >
> >
> > >
> > > >
> > > > Should I try renaming the local user?
> > >
> > > Either that or delete the user from AD or /etc/passwd, you cannot
> > > have the same user in both. The user in /etc/password will normally
> > > be used on the Unix OS
> >
> >
> > Which is the intended course of action, so I can ssh into the servers
> > with the jeadmin account in case the domain is offline (debian ssh
> > denies root logins)
>
> Ever heard of sudo ?
> Log in as a normal user and then run everything with sudo, or become
> root with 'su -'
>
Yup, most definitely, use sudo everywhere.
>
> >
> > I will quickly drop the user and see if it makes a difference
> >
> >
> > > before the AD user and will be the opposite way around
> > > on Windows.
> > >
> >
> > Yup. and using .\jeadmin to log in as a local user
> >
> >
> > >
> > > Try adding this line to smb.conf:
> > >
> > > winbind enum users = yes, restart or reload Samba, then run 'getent
> > > passwd', this should return all users, local and domain.
> > >
> >
> > Oooh I sense a server overload ;-) (Lots of users in the AD)
>
> I did say remove it after the test, I just wondered if getent was
> working correctly.
>
Yes, yes you did.
>
> > I am quite confident that nss and winbind are talking to each other
> > quite nicely.
>
> Then why isn't working ?
>
This is the question leaving me perplexed as well
>
> Last things to try, start raising the Samba loglevel and see if
> anything pops out and check if Apparmor is stopping the chown.
>
I bumped the loglevel up to 10. What I can glean from the log is:
[2019/04/10 10:09:48.041065, 1, pid=15234, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
wbint_LookupSid: struct wbint_LookupSid
in: struct wbint_LookupSid
sid : *
sid : <RED>-1407
[2019/04/10 10:09:48.041888, 10, pid=15234, effective(0, 0), real(0, 0),
class=winbind] ../source3/winbindd/winbindd_cache.c:4803(wcache_store_ndr)
could not fetch seqnum for domain JEOFFICE
[2019/04/10 10:09:48.041954, 1, pid=15234, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
wbint_LookupSid: struct wbint_LookupSid
out: struct wbint_LookupSid
type : *
type : SID_NAME_USER (1)
domain : *
domain : *
domain : 'JEOFFICE'
name : *
name : *
name : 'ianc'
result : NT_STATUS_OK
[2019/04/10 10:09:48.042076, 1, pid=15234, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
wbint_GetNssInfo: struct wbint_GetNssInfo
in: struct wbint_GetNssInfo
info : *
info: struct wbint_userinfo
domain_name : *
domain_name : 'JEOFFICE'
acct_name : *
acct_name : 'ianc'
full_name : NULL
homedir : *
homedir : '/home/%D/%U'
shell : *
shell : '/bin/bash'
uid : 0x000000000030d97f
(3201407)
primary_gid : 0x00000000ffffffff
(4294967295)
primary_group_name : NULL
user_sid : <RED>-1407
group_sid : <RED>-513
[2019/04/10 10:09:48.043212, 1, pid=15234, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
wbint_GetNssInfo: struct wbint_GetNssInfo
out: struct wbint_GetNssInfo
info : *
info: struct wbint_userinfo
domain_name : *
domain_name : 'JEOFFICE'
acct_name : *
acct_name : 'ianc'
full_name : NULL
homedir : *
homedir : '/home/%D/%U'
shell : *
shell : '/bin/bash'
uid : 0x000000000030d97f
(3201407)
primary_gid : 0x00000000ffffffff
(4294967295)
primary_group_name : NULL
user_sid : <RED>-1407
group_sid : <RED>-513
result : NT_STATUS_REQUEST_NOT_ACCEPTED
Is this last "NT_STATUS_REQUEST_NOT_ACCEPTED" maybe the problem?
I will quickly glance at apparmor
>
> Rowland
>
>
>
More information about the samba
mailing list