[Samba] New (4.18 provisioned) domain is missing id lookups from idmap.ldb (solved)
Michael Tokarev
mjt at tls.msk.ru
Thu Sep 7 20:20:55 UTC 2023
07.09.2023 22:12, Kees van Vloten via samba wrote:
> I found the issue, as expected: too silly to talk about :-)
>
> After installing the debian packages, "samba-tool domain provision" and adding a lot of settings to smb.conf, one *must* restart samba-ad-dc and only
> then uid/gid resolving of domain user/group names starts to work ...
>
> The Ansible code is now updated to restart samba before the first name lookup takes place.
IIRC, the samba wiki suggest to *stop* samba before doing `samba-tool domain provision',
and I think for a good reason too, since basically this re-creates everything (not changes
a line of two in smb.conf but everything), while running daemons continue to create/use
files with old settings. So instead of a restart, I'd use stop before provision and start
after it's complete.
Thank you for sharing the cause!
/mjt
More information about the samba
mailing list