Hello:
I'm using:
- samba-common-3.0.9-1
- kernel 2.6.5-1.358
- FC 2
- openldap-servers-2.1.29-1
We're running an NT4 domain using an LDAP backend, and everything was running
fine until recently. The first thing that I noticed that new users were
suddenly being assigned SambaSID's that were previously being assigned to
machines.
Previously:
Typical User Entry:
uid: john
sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-2416
Typical Machine Entry:
uid: somebox$
sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-3134
Now:
Typical User Entry:
uid: jack
sambaSID: S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxx-3136
So the next time I tried to add the machine newbox, I get this error:
-------------- pdbedit -a -m newbox -d100
-----------------------------------------------------------------------
pdb_set_user_sid: setting user sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136
element 18 -> now SET
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136 from rid
3136
smbldap_search: base => [ou=Groups,dc=somedomain,dc=com], filter =>
[(&(objectClass=sambaGroupMapping)(gidNumber=1068))], scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_getgroup: Did not find group
pdb_set_group_sid: setting group sid
S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3137
element 19 -> now SET
pdb_set_group_sid_from_rid:
setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3137 from rid
3137
element 20 -> now DEFAULT
element 33 -> now CHANGED
element 32 -> now CHANGED
element 11 -> now CHANGED
element 21 -> now CHANGED
account_policy_get: maximum password age:-1
element 10 -> now CHANGED
account_policy_get: minimum password age:0
element 9 -> now CHANGED
pdb_set_username: setting username newbox$, was newbox$
element 12 -> now CHANGED
element 20 -> now CHANGED
pdb_set_group_sid: setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-515
element 19 -> now CHANGED
pdb_set_group_sid_from_rid:
setting group sid S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-515 from rid
515
smbldap_search: base => [dc=somedomain,dc=com], filter =>
[(&(&(uid=newbox$)(objectclass=sambaSamAccount))(objectclass=sambaSamAccount))],
scope => [2]
smbldap_open: already connected to the LDAP server
element 18: SET
smbldap_search: base => [dc=somedomain,dc=com], filter =>
[(&(sambaSID=S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136)(objectclass=sambaSamAccount))],
scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_add_sam_account: SID 'S-1-5-21-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxx-3136'
already in the base, with samba attributes
Unable to add machine! (does it already exist?)
----------------------------------------------------------------------------------------------------------------------
What happened? How does pdbedit generate new RID's? How can I fix this, since
as of now I can't add any machines!
Please help!
Regards,
Adnan.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
