[Samba] more cleanup: mis-named AD user
Stefan G. Weichinger
lists at xunil.at
Tue Aug 6 14:11:41 UTC 2019
Am 06.08.19 um 16:02 schrieb Rowland penny via samba:
> Aha, that sounds like a guy who somehow knows the root/Administrators
> password and is using it, not that you will ever get him to admit it. I
> would change the root password and not tell him.
Hm, dunno. The shares are connected via GPOs etc
I changed the password for Administrator now.
So far no change and no call.
Maybe some shares in his registry, using the Administrator-user?
I killed that smbd-process now as well (no files were open right now)
smbusers map edited as well
-
What about that stuff in /var/lib/samba/private on the DM? I see files
from 2017:
root at pre01svdeb01:/var/lib/samba# ls -l private/
insgesamt 3388
drwx------ 2 root root 12288 Aug 6 16:09 msg.sock
-rw------- 1 root root 32768 Aug 6 08:09 netlogon_creds_cli.tdb
-rw------- 1 root root 421888 Jul 8 2017 passdb.tdb
-rw------- 1 root root 1286144 Jul 10 2017 sam.ldb
-rw------- 1 root root 1286144 Jul 8 2017 secrets.ldb
-rw------- 1 root root 430080 Apr 13 2018 secrets.tdb
Does the idmap play a role here?
thx, s
More information about the samba
mailing list