[Samba] Problems after upgrade from Samba3/OpenLDAP to Samba4 - New Useraccounts aren't properly working

Rowland Penny rpenny at samba.org
Wed Jan 16 17:30:42 UTC 2019

On Wed, 16 Jan 2019 17:54:04 +0100 (CET)
Jens G√ľnther via samba <samba at lists.samba.org> wrote:

> Hello! 
> We've got some problems after an Upgrade from OpenLDAP and Samba3 to
> Samba4 AD (4.5.12 on Debian 9). After a successfull upgrade. we can't
> create no new properly working User-accounts with the RSAT-mmc
> (Windows 2k8, which is connected to the DC). The account can be
> created in RSAT and can even login on a Windows 7 Client - which is
> fine - but the account doe not got any access on networkshares.  On
> dc-side you can retrieve the user-accounts via "wbinfo -u" (the old
> and new ones), respectively old and new groups via "wbinfo -g", but
> when you execute "getent passwd" it will only display the old
> useraccounts and not the new ones. It seems new accounts don't get
> valuable uid/gid. Does somebody know how to fix this problem?

I take it you mean that you have run classicupgrade and now have a
Samba AD DC with the users and groups from the old NT4-style domain.

You are now creating users on a Windows machine using RSAT, do you have
the Unix Attributes tab ? if not you need it. A normal windows user
does not get any rfc2307 attributes by default, you need to add them
via the Unix Attributes tab. Other ways of adding them are available.


More information about the samba mailing list