[Samba] Shares stopped working for groups
nick at howitts.co.uk
Sat Jul 18 07:41:05 UTC 2020
I messed up on my reply yesterday.
On 17/07/2020 21:05, Rowland penny via samba wrote:
> On 17/07/2020 19:57, Nick Howitt via samba wrote:
>> I have a ClearOS 7.8 system which is running
>> samba-4.10.4-11.el7_8.x86_64, and it upgraded to this just over a
>> week ago (probably not relevant). A couple of days ago all the group
>> shares failed. I discovered that if I switched them to the built-in
>> group "allusers" the share worked fine. It fails for any user-defined
>> group but it used to work. Samba is running as a PDC and the configs,
>> including one share are:
>> If I change the valid users to the "allusers" group and change the
>> folder permissions, it works fine.
>> [root at server ~]# wbinfo --group-info='allusers'
> Interesting, you have: idmap config * : range = 20000000-29999999
> So where is '63000' coming from ?
No idea. This is how the O/S is provided and it was probably designed
when John Terpestra was helping out.
>> Jul 16 04:34:28 server winbindd: [2020/07/16
>> 04:34:28.069299, 0]
>> Jul 16 04:34:28 server winbindd: get_credentials: Unable to
>> fetch auth credentials for cn=manager,ou=Internal,dc=sha,dc=lan in *
>> I have tried clearing the winbindd_cache.tdb and gencache.tdb but am
>> wary of clearing anything else without instruction.
> Have you run these commands :
> smbpasswd -w <ldap password>
> net idmap set secret '*' <ldap password>
Yes and it does not make any difference. How do I proceed with debugging?
> ClearOS is in for an interesting time when they upgrade to version 8,
> no Openldap or smbldap-tools, or to put it another way, can I suggest
> you jump distro and upgrade to AD.
The dev's are aware and I am not sure which way they will take the
product. Personally I really want to have AD DC compatibility and think
it would be good for business, but it may be onerous for small
installations and non-Windows environments.
More information about the samba