Web lists-archives.com

Re: [Samba] Domain Users group with multiple gid

The samba was created by Zentyal system (http://www.zentyal.org).

Here is smb.conf:

    workgroup = arditi
    realm = ARDITI.PT
    netbios name = hera
    server string = Zentyal Server
    server role = dc
    server role check:inhibit = yes
    server services = -dns
    server signing = auto
    dsdb:schema update allowed = yes
    ldap server require strong auth = no
    drs:max object sync = 1200

    idmap_ldb:use rfc2307 = yes

    winbind enum users = yes
    winbind enum groups = yes
    template shell = /bin/bash
    template homedir = /home/%U

    interfaces = lo,eth0
    bind interfaces only = yes

    map to guest = Bad User

    log level = 3
    log file = /var/log/samba/samba.log
    max log size = 100000

    include = /etc/samba/shares.conf

    path = /var/lib/samba/sysvol/arditi.pt/scripts
    browseable = no
    read only = yes

    path = /var/lib/samba/sysvol
    read only = no

Às 13:08 de 08-04-2018, Rowland Penny via samba escreveu:
On Sun, 8 Apr 2018 12:47:25 +0100
Clemente Aguiar via samba <samba@xxxxxxxxxxxxxxx> wrote:


I have little knowledge about Samba 4 and I need help.

I have a Zentyal 5 server, which is based on Ubuntu 16.04 and Samba4.

There are some issues with Samba access to certain shares, because
there seems to be 2 different gid for group "Domain Users", gid 1901
and gid 2513.

# wbinfo --gid-info 2513
ARDITI\domain users:x:2513:

# wbinfo --gid-info 1901
ARDITI\domain users:x:1901:

# wbinfo --gid-to-sid=*1901*
# wbinfo --gid-to-sid=*2513*

# wbinfo --sid-to-gid=S-1-5-21-1969551146-1524703261-742246316-513

  From this last statement it seems that gid 2513 is the correct one.

I can I get rid of the incorrect entry?


How is Samba being run ?
Can you post your smb.conf


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba