I have 2 Ubuntu 12.04/Samba 4 servers acting as DCs for my Domain. I provisioned the Domain by using the classicupgrade (prior authentication was LDAP+Samba). I have added some new test users. I also have two file servers. One is running RHEL 5.9/Samba 3, the other Ubuntu 12.04/Samba 4. Users that have their home directories and profiles stored on the RHEL 5.9/Samba 3 fileserver work correctly. Those that are mapped to the Ubuntu 12.04/Samba 4 fileserver get "permission denied" and temp profiles. It appears the issue is that, for some reason, the users have different uid/gid on the 2 Samba 4 DCs, and I don't know why. I used wbinfo to collect the following:
All the accounts were created on Server 1 using the s4user script (slightly modified to provide more output to the screen for debugging) from http://linuxcostablanca.blogspot.com . However, the uid reported by the servers is different? Shouldn't server 1 have replicated this data to server 2? When I check the home directories, they have the uid associated with server 1.

Example: If I create a new user, the output from the script is:

    > ./s4user Test24 User MyPassword staff server1
    Creating s4 posix user Test24
    Pls enter pwd for Test24 User: Test24 User
    User 'Test24.User' created successfully
    dn: CN=Test24.User,CN=Users,DC=ncs,DC=k12,DC=de,DC=us
    changetype: modify
    add: objectclass
    objectclass: posixaccount
    -
    add: uidnumber
    uidnumber: 3000054
    -
    add: gidnumber
    gidnumber: 513
    -
    add:unixhomedirectory
    unixhomedirectory: /home/staff/Test24.User
    -
    add: loginshell
    loginshell: /bin/bash
    Modified 1 records successfully
    dn: CN=Test24.User,CN=Users,DC=ncs,DC=k12,DC=de,DC=us
    changetype: modify
    replace: primarygroupid
    primarygroupid: 513
    sleeping for 5 seconds
    Modified 1 records successfully
    Creating the home directory and setting ownership
    dn: CN=Test24.User,CN=Users,DC=ncs,DC=k12,DC=de,dc=us
    changetype: modify
    add: profilePath
    profilePath: \\server1\profiles\Test24.User
    -
    add: homeDrive
    homeDrive: P:
    -
    add: homeDirectory
    homeDirectory: \\server1\home\staff\Test24.User
    sleeping for 5 seconds
    Modified 1 records successfully
    New user: Test24 POSIX-ified as follows:
    uid 3000054
    gid 513
    primaryGroupID 513
    sid S-1-5-21-276688905-1455118844-2751846679-513

Then use wbinfo on each server:

    Server1
    > wbinfo -i Test24.User
    Domain\Test24.User:*:3000054:513::/home/Domain/Test24.User:/bin/false

    Server2
    wbinfo -i Test24.User
    Domain\Test24.User:*:3000134:100::/home/DomainTest24.User:/bin/false

Notice that the group id and uid are both different. Why?
The basics of the script are:

    samba-tool user add Username Password
    ldbmodify --url=/usr/local/samba/private/sam.ldb -b dc=ncs,dc=k12,dc=de,dc=us /tmp/Username

Where the file Username has the entries needed to define the Unix information, and the information for the Account and Profile tabs in ADUC.

Do I need to manually run the ldbmodify command on server2 and modify the /usr/local/samba/private/sam.ldb to ensure that it is synced with server1?

Sincerely,
Dave Hopkins
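The per-server comparison described in the message can be scripted. The following is an added example, not part of the original post or of the s4user script: a hypothetical helper, compare_wbinfo, that takes the passwd-style line printed by `wbinfo -i` on each server and reports every field that differs. The two sample lines are the ones quoted in the message.

```shell
#!/bin/sh
# Added example (not from the original post). compare_wbinfo is a
# hypothetical helper name. It compares two passwd-style lines, as printed
# by `wbinfo -i <user>` on two different servers, field by field.
# Prints one line per differing field and returns 1 if any field differs.
compare_wbinfo() {
    # $1 = line from the first server, $2 = line from the second server.
    # printf '%s' keeps the backslash in DOMAIN\user literal.
    printf '%s\n%s\n' "$1" "$2" | awk -F: '
        BEGIN { split("name passwd uid gid gecos home shell", label, " ") }
        NR == 1 { for (i = 1; i <= 7; i++) first[i] = $i; next }
        NR == 2 {
            for (i = 1; i <= 7; i++)
                if (first[i] != $i) {
                    printf "%s: %s != %s\n", label[i], first[i], $i
                    bad = 1
                }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Sample input: the two lines quoted in the message above.
SERVER1_LINE='Domain\Test24.User:*:3000054:513::/home/Domain/Test24.User:/bin/false'
SERVER2_LINE='Domain\Test24.User:*:3000134:100::/home/DomainTest24.User:/bin/false'

# On live systems the lines would come from running `wbinfo -i Test24.User`
# on each server; here the captured text is compared offline.
compare_wbinfo "$SERVER1_LINE" "$SERVER2_LINE" \
    || echo "uid/gid mapping for this user is not consistent across servers"
```

Files on a share are owned by numeric uid/gid, so any uid or gid line in the output means the two servers will disagree about who owns the same home directory.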
