Does smbldap-populate create an samba account for all users in /etc/passwd? I can't see why it would need a root account. But I have never used smbldap-populate (I mostly used custom scripts to migrate data.) I would delete the root entry in ldap to see what happens. Just be prepared to restore it quickly if it breaks something.
I am guessing that it didn't create a group with gid 0. I would expect that warning to go away once you delete the samba/ldap root account. Is this samba 3.x or 4.x? -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Alex Domoradov Sent: Sunday, June 13, 2010 4:52 PM To: [email protected] Subject: Re: [Samba] How shall I fix the multiple uidNumbers > From: "Gaiseric Vandal" <[email protected]> > To: <[email protected]> > Date: Sat, 12 Jun 2010 17:18:02 -0400 > Subject: Re: [Samba] How shall I fix the multiple uidNumbers > Do you even need root in ldap? > That is the very thing I'd like to find out ;) Root should be in /etc/passwd, I don't see why you need it in LDAP as well > unless root is also a samba account. Which I don't think you would need. > > But at the same time I see the following message in my samba log [2010/06/11 10:22:36, 3] lib/util_sid.c:228(string_to_sid) string_to_sid: Sid root does not start with 'S-'. [2010/06/11 10:22:36, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: root [2010/06/11 10:22:36, 3] passdb/pdb_ldap.c:5191(ldapsam_gid_to_sid) ERROR: Got 0 entries for gid 0, expected one Should I ignore this error? The user root with uid/gid 0 was created automatically with command from smbldap-tools # smbldap-populate Shell I delete them manually? I have already created the user and granted him all the privileges # id w3da uid=1339(w3da) gid=512(Domain Admins) groups=512(Domain Admins) # net rpc rights list accounts w3da Enter root's password: SeMachineAccountPrivilege SeTakeOwnershipPrivilege SeBackupPrivilege SeRestorePrivilege SeRemoteShutdownPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
