[Samba] Upgrade Samba AD from 4.3 to 4.7 - ID mapping failure
Ben Curtis
samba at nosolutions.com
Thu May 11 22:28:09 UTC 2023
Well, it seems `smbcontrol` wasn't reloading properly. After adding the
`gidNumber` to domain users and fully restarting Samba, all started
working again.
On Thu, 2023-05-11 at 17:59 -0400, Ben Curtis via samba wrote:
> Hi all,
> I am trying to upgrade my Samba 4.3 AD to a Samba 4.7 AD, and am
> havingsome problems with ID mapping.
> My smb.conf file has been updated as per the documentation (
> https://wiki.samba.org/index.php/Updating_Samba and
> https://wiki.samba.org/index.php/Idmap_config_ad). A copy of it is
> linked below.
> When running:
> `ldbedit -H /var/lib/samba/private/sam.ldb 'samaccountname=myuser'`
> (or with domain users) there are no uidNumberor gidNumber in my AD. I
> have tried adding them. The AD was supplyingids, however, as `id` as
> a logged in user in Ubuntu shows:
> `uid=385601105(myuser) gid=385600513(domain
> users)groups=385600513(domain users)`
> While systems using LDAP seem to be working with the new AD
> controller,`wbinfo` is failing. For instance see below. The logs
> linked are alldebug log level 5.
> ```~$ net cache flush && wbinfo -i myuserfailed to call wbcGetpwnam:
> WBC_ERR_DOMAIN_NOT_FOUNDCould not get info for user testing~$ net
> cache flush && wbinfo -n myuserS-1-5-21-1057597257-2002501470-
> 2521000767-1105 SID_USER (1)~$ net cache flush && wbinfo -s S-1-5-21-
> 1057597257-2002501470-2521000767-1105CORP\myuser 1~$ net cache flush
> && wbinfo --user-sidinfo S-1-5-21-1057597257-2002501470-2521000767-
> 1105failed to call wbcGetpwsid: WBC_ERR_DOMAIN_NOT_FOUNDCould not get
> info for user sid S-1-5-21-1057597257-2002501470-2521000767-1105```
> You can see from the output that I'm getting the errors that seem
> tousually come from no gid/uid in objects. The logs show errors for
> userlookup such as `NT_STATUS_NO_SUCH_USER`. I have tried hardcoding
> in`uidNumber` and `gidNumber` into myuser and Domain Users with
> `ldbedit`but no luck there.
> Any help would be appreciated.
> smb.conf: https://www.dropbox.com/s/iu2hx2q32fi851h/smb.conf.txt?dl=0
> wbinfo -i myuser log:
> https://www.dropbox.com/s/zzb2ixlj41amu3v/wbinfo_-i_myuser.txt?dl=0
> wbinfo -n myuser log:
> https://www.dropbox.com/s/dwpv6mz45su172k/wbinfo%20-n%20myuser.txt?dl=0
> wbinfo -s S-1-5-21-1057597257-2002501470-2521000767-1105 log:
> https://www.dropbox.com/s/kd03sn39gf3whhj/wbinfo%20-s%20sid.txt?dl=0
> wbinfo -s S-1-5-21-1057597257-2002501470-2521000767-1105 log:
> https://www.dropbox.com/s/1q1wfqbeg7bc63m/wbinfo_--user-sidinfo_sid.txt?dl=0
>
> Thanks,Ben
>
Thanks,
Ben
More information about the samba
mailing list