Re: [Samba] getent passwd does not show correct UID.GID




On Fri, 01 Dec 2017 03:28:08 -0500
Mark Foley via samba <samba@xxxxxxxxxxxxxxx> wrote:

> On Fri, 1 Dec 2017 08:11:04 +0000 Rowland Penny via samba
> <samba@xxxxxxxxxxxxxxx> wrote:
> 
> > On Fri, 01 Dec 2017 02:33:45 -0500
> > Mark Foley via samba <samba@xxxxxxxxxxxxxxx> wrote:
> >
> > > I've moved a user from being in /etc/passwd to being a proper
> > > domain user.  I've added the user with RSAT with UID.GID
> > > 10005.10000. I've removed the user from /etc/passwd. However,
> > > getent continues to show the user with his old UID:
> > > 
> > > # getent passwd mpress
> > > HPRS\mpress:*:3000031:10000:Mike Press:/home/HPRS/mpress:/bin/bash
> > > 
> > > in ldbsearch it shows the correct UID:GID:
> > > 
> > > # record 281
> > > dn: CN=Mike Press,CN=Users,DC=hprs,DC=local
> > > msSFU30NisDomain: hprs
> > > uidNumber: 10005
> > > loginShell: /bin/bash
> > > unixHomeDirectory: /home/HPRS/mpress
> > > gidNumber: 10000
> > > msSFU30Name: mpress
> > > 
> > > I've rebooted the user's computer. Restarted Samba on the AD/DC,
> > > finally rebooted the AD/DC. I've done:
> > > 
> > > # /etc/rc.d/rc.sambaDC stop                          
> > > Stopping Samba
> > > 
> > > # net cache flush                           
> > > # rm /var/lib/samba/*.tdb                      
> > > 
> > > # /etc/rc.d/rc.sambaDC start
> > > Starting Samba:  /usr/sbin/samba
> > > 
> > > # getent passwd mpress      
> > > HPRS\mpress:*:10005:10000:Mike Press:/home/HPRS/mpress:/bin/bash
> > > 
> > > Notice that immediately after doing this flush/rm the UID is
> > > correct, but about 30 seconds later, it's back to 3000031.
> > > 
> > > Any ideas?
> > > 
> > > Thanks, --Mark
> > > 
> >
> > I think you may be running into this bug:
> >
> > https://bugzilla.samba.org/show_bug.cgi?id=13054
> >
> > Rowland
> 
> Thanks, but I'm not sure I see the problem, nor the solution.  You
> mention "net cache flush has to be run".  When I run `net cache
> flush` I do see the correct UID for about 30 seconds.  Then it
> reverts back to the old UID.
> 
> Is the solution to also edit the xid number in idmap.ldb?
> 
> I'll experiment with that while awaiting your wisdom.
> 
> THX --Mark
> 

I take it this is happening on a DC; if so, open idmap.ldb with
ldbedit, find the user's object (you will need to know the user's SID for
this). Copy the user's object to somewhere safe (just in case), then
delete it. Hopefully the problem should now have gone.

As always, you should do this in a test domain first.

Rowland
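
The mismatch discussed in this thread can be checked across all users before anything is edited. The following is an added example, not code from the thread or from Samba: it compares each user's uidNumber in LDIF exported from sam.ldb with the xidNumber stored for the same SID in LDIF exported from idmap.ldb. The SIDs and sample records are constructed, and the idmap.ldb entry layout (objectClass: sidMap, cn holding the SID, xidNumber) is an assumption about how the DC stores these mappings.

```python
# Added example (not from the thread): compare the RFC2307 uidNumber in
# sam.ldb with the xidNumber held for the same SID in idmap.ldb.

# Constructed sample LDIF; the SID values are made up.
SAM_SAMPLE = """\
# record 1
dn: CN=Mike Press,CN=Users,DC=hprs,DC=local
objectSid: S-1-5-21-1111111111-2222222222-3333333333-1105
sAMAccountName: mpress
uidNumber: 10005

# record 2
dn: CN=Jane Doe,CN=Users,DC=hprs,DC=local
objectSid: S-1-5-21-1111111111-2222222222-3333333333-1106
sAMAccountName: jdoe
uidNumber: 10006
"""
IDMAP_SAMPLE = """\
dn: CN=S-1-5-21-1111111111-2222222222-3333333333-1105
cn: S-1-5-21-1111111111-2222222222-3333333333-1105
objectClass: sidMap
type: ID_TYPE_UID
xidNumber: 3000031
"""

def parse_ldif(text):
    """Split ldbsearch-style LDIF into one {attribute: value} dict per record."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = dict(l.split(": ", 1) for l in block.splitlines()
                   if ": " in l and not l.startswith("#"))
        if rec:
            records.append(rec)
    return records

def stale_mappings(sam_ldif, idmap_ldif):
    """Return (name, sid, uidNumber, xidNumber) where the two databases disagree."""
    xid_by_sid = {r["cn"]: int(r["xidNumber"]) for r in parse_ldif(idmap_ldif)
                  if r.get("objectClass") == "sidMap" and "xidNumber" in r}
    stale = []
    for user in parse_ldif(sam_ldif):
        sid, uid = user.get("objectSid"), user.get("uidNumber")
        if sid is None or uid is None:
            continue  # no RFC2307 uidNumber set, nothing to compare
        xid = xid_by_sid.get(sid)  # None when idmap.ldb has no entry for the SID
        if xid is not None and xid != int(uid):
            stale.append((user.get("sAMAccountName", user["dn"]), sid, int(uid), xid))
    return stale
```

Each tuple returned names one idmap.ldb entry to back up before it is removed.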
