[Samba] Numerically large UID issues (I think)
Patrick Goetz
pgoetz at math.utexas.edu
Wed Mar 30 12:44:12 UTC 2022
I'm trying to do an Ubuntu 20.04 Samba-only (i.e. no sssd) deployment
against the University's somewhat Rube Goldberg AD, and am running in to
issues. In particular
root at cns-khl-files:/etc# getent passwd pgoetz
pgoetz:*:10224688:10000513::/home/pgoetz:/bin/bash
root at cns-khl-files:/etc# getent passwd jm88942
root at cns-khl-files:/etc#
So, getent passwd works for me, but not for username jm88942. Using
Powershell:
------------------------------------------
PS C:\Users\cns-pgoetz> get-aduser pgoetz
DistinguishedName : CN=Goetz Patrick G
(pgoetz),OU=Austinites,OU=People,DC=austin,DC=utexas,DC=edu
Enabled : True
ObjectClass : user
ObjectGUID : 8c30a807-88a1-4e68-8274-6cf88839223b
SamAccountName : pgoetz
SID : S-1-5-21-527237240-963894560-725345543-224688
PS C:\Users\cns-pgoetz> get-aduser jm88942
DistinguishedName : CN=XXX
(jm88942),OU=Austinites,OU=People,DC=austin,DC=utexas,DC=edu
Enabled : True
ObjectClass : user
ObjectGUID : f3c6665c-eee0-4f00-b514-f4c7a773a86f
SamAccountName : jm88942
SID : S-1-5-21-527237240-963894560-725345543-10188858
------------------------------------------
Notice that my RID is 224688 while jm88942's is numerically larger: 10188858
Here is the RID mapping from smb.conf:
idmap config * : backend = tdb
idmap config * : range = 3000-9999
idmap config AUSTIN : backend = rid
idmap config AUSTIN : range = 10000000-10999999
I had originally set the base to 1000000, noticed the problem and
increased the base to 10000000, but this doesn't seem to have helped.
I'm only showing 2 examples, but I've tested a couple of other users
with the same result. RIDs < one million work, RIDs > one million don't.
Any ideas? This is what I get on an sssd-based system:
root at kraken:~# getent passwd jm88942
jm88942:*:255188858:1007000513:McLellan Jason
(jm88942):/home/jm88942:/bin/bash
I thought sssd used the same RID -> UID mapping system that the Samba
RID bank end uses, but the math doesn't work out:
(jm88942) 255188858 - 10188858 = 245000000
However,
root at kraken:~# getent passwd pgoetz
pgoetz:*:1562224688:1007000513:Goetz Patrick G
(pgoetz):/home/pgoetz:/bin/bash
(pgoetz) 1562224688 - 224688 = 1562000000
so apparently not just adding a base value to the user's RID.
I'm hoping to not have to install sssd and spaghettify this system...
More information about the samba
mailing list