Hi !
I'm running a samba domain controler under rhel 5. It's version
3.0.33-3.7.el5.
I've also installed a ldap server to store users and groups and so on.
When I try a pdbedit -v david, I get the following :
Unix username: david
NT username: david
Account Flags: [U ]
User SID: S-1-5-21-215069222-2822928016-2390355089-1016
Finding user david
Trying _Get_Pwnam(), username as lowercase is david
Get_Pwnam_internals did find user [david]!
smbldap_search_ext: base => [ou=Groups,ou=ia27,dc=ac-rouen,dc=fr], filter =>
[(&(objectClass=sambaGroupMapping)(gidNumber=666))], scope => [2]
init_group_from_ldap: Entry found for group: 666
lookup_global_sam_rid: looking up RID 666.
smbldap_search_ext: base => [ou=ia27,dc=ac-rouen,dc=fr], filter =>
[(&(sambaSID=S-1-5-21-215069222-2822928016-2390355089-666)
(objectclass=sambaSamAccount))], scope => [2]
ldapsam_getsampwsid: Unable to locate SID
[S-1-5-21-215069222-2822928016-2390355089-666] count=0
smbldap_search_ext: base => [ou=Groups,ou=ia27,dc=ac-rouen,dc=fr], filter =>
[(&(objectClass=sambaGroupMapping)
(sambaSID=S-1-5-21-215069222-2822928016-2390355089-666))], scope => [2]
init_group_from_ldap: Entry found for group: 666
lookup_rids: CDTI:2
Primary Group SID: S-1-5-21-215069222-2822928016-2390355089-666
Full Name: david
The weird thing is ldapsam_getsampwsid: Unable to locate SID
I think I made a mistake when creating both unix groups and samba groups.
Here is how the unix group is defined :
dn: cn=cdti,ou=Group,BASEDN
objectClass: posixGroup
objectClass: top
cn: cdti
userPassword: {crypt}x
gidNumber: 666
Here is how the samba group is defined :
dn: cn=CDTI,ou=Groups,BASEDN
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: CDTI
description:: Q2VudHJlIGTDqXBhcnRlbWVudGFsIGRlIHRyYWl0ZW1lbnQgZGUgbCdpbmZvcm
1hdGlvbg==
sambaGroupType: 2
memberUid: david
gidNumber: 666
sambaSID: S-1-5-21-215069222-2822928016-2390355089-666
And here is what the user's definition :
dn: uid=david,ou=SambaUsers,BASEDN
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: david
sn: david
givenName: david
uid: david
uidNumber: 1016
homeDirectory: /smbhome/users/david/samba
loginShell: /bin/bash
gecos: System User
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
displayName: david
sambaLogonScript: logon.bat
sambaProfilePath: \\DOMAIN_SERVER\profiles\david
sambaHomePath: \\DOMAIN_SERVER\david
sambaHomeDrive: P:
sambaLMPassword: PLOP
sambaNTPassword: PLOP
sambaPasswordHistory: 000000000000000000000000000000000000000000000000000000
0000000000
sambaPwdLastSet: 1228486572
userPassword: {SSHA}PLOP
sambaAcctFlags: [U ]
sambaSID: S-1-5-21-215069222-2822928016-2390355089-1016
gidNumber: 666
sambaPrimaryGroupSID: S-1-5-21-215069222-2822928016-2390355089-666
Of course, I've obfuscated what I found that has not point with my problem !
I think that the problem comes from the groups, both the unix one and the
samba one, but I don't know how to fix it.
If anyone could tell me what I could to to correct this, that would be great !
I hope I've given enough informations, but if you think I should give more,
fell free to ask. I'd really like to get rid of this anoying message.
Thanks in advance !
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
