Web lists-archives.com

Re: [Samba] getent passwd does not show correct UID.GID




On Fri, 01 Dec 2017 03:28:08 Mark Foley via samba wrote:

> On Fri, 1 Dec 2017 08:11:04 +0000 Rowland Penny via samba <samba@xxxxxxxxxxxxxxx> wrote:
>
> > On Fri, 01 Dec 2017 02:33:45 -0500
> > Mark Foley via samba <samba@xxxxxxxxxxxxxxx> wrote:
> >
> > > I've moved a user from being in /etc/passwd to being a proper domain
> > > user.  I've added the user with RSAT with UID.GID 10005.10000. I've
> > > removed the user from /etc/passwd. However, getent continues to show
> > > the user with his old UID:
> > > 
> > > # getent passwd mpress
> > > HPRS\mpress:*:3000031:10000:Mike Press:/home/HPRS/mpress:/bin/bash
> > > 
> > > in ldbsearch it shows the correct UID:GID:
> > > 
> > > # record 281
> > > dn: CN=Mike Press,CN=Users,DC=hprs,DC=local
> > > msSFU30NisDomain: hprs
> > > uidNumber: 10005
> > > loginShell: /bin/bash
> > > unixHomeDirectory: /home/HPRS/mpress
> > > gidNumber: 10000
> > > msSFU30Name: mpress
> > > 
> > > I've rebooted the user's computer. Restarted Samba on the AD/DC,
> > > finally rebooted the AD/DC. I've done:
> > > 
> > > # /etc/rc.d/rc.sambaDC stop                          
> > > Stopping Samba
> > > 
> > > # net cache flush                           
> > > # rm /var/lib/samba/*.tdb                      
> > > 
> > > # /etc/rc.d/rc.sambaDC start
> > > Starting Samba:  /usr/sbin/samba
> > > 
> > > # getent passwd mpress      
> > > HPRS\mpress:*:10005:10000:Mike Press:/home/HPRS/mpress:/bin/bash
> > > 
> > > Notice that immediately after doing this flush/rm the UID is correct,
> > > but about 30 seconds later, it's back to 3000031.
> > > 
> > > Any ideas?
> > > 
> > > Thanks, --Mark
> > > 
> >
> > I think you may be running into this bug:
> >
> > https://bugzilla.samba.org/show_bug.cgi?id=13054
> >
> > Rowland
>
> Thanks, but I'm not sure I see the problem, nor the solution.  You mention "net cache flush has
> to be run".  When I run `net cache flush` I do see the correct UID for about 30 seconds.  Then
> it reverts back to the old UID.
>
> Is the solution to also edit the xid number in idmap.ldb?
>
> I'll experiment with that while awaiting your wisdom.
>

Well, that seemed to work.  I did all the stopping, flushing and removing as before.  Then I
edited the idmap.ldb file and changed the xid of 300035 to 10004, then restarted samba.

So far, the new uid.gid has "taken" and not reverted and it's now been over 20 minutes since I
did the update. Things (e.g. mail) are authenticating OK and mail is delivering.

THX --Mark

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba