Web lists-archives.com

Re: [Samba] wiki suggestions, part 2




On Fri, 27 Apr 2018 09:26:36 +0200
Klaus Hartnegg via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Am 26.04.2018 um 20:07 schrieb Harry Jede via samba:
> > No, i have created 2 users with same sid.
> > 
> > root@capella:~# pdbedit -Lv  | grep "User SID" | sort|uniq -d
> > root@capella:~#
> > 
> > root@capella:~# pdbedit -L|grep Failing
> > ldapsam_getsampwsid: More than one user with SID
> > [S-1-5-21-3958726613-3318811842-4132420312-21010]. Failing. count=2
> > ldapsam_getsampwsid: More than one user with SID
> > [S-1-5-21-3958726613-3318811842-4132420312-21010]. Failing. count=2
> 
> What?!?
> 
> I would like to call this behaviour of "pdbedit -Lv" a bug, and
> wonder whether it is documented.

It isn't a Samba bug, it is a 'your script' bug ;-)
You use 'uniq'

> 
> What happens with this command:
> pdbedit -Lv  | grep "SID" | grep -v "Group" | sort | uniq -d

That is better, in that you shouldn't have two users with the same
SID-RID, but you are still using 'uniq'

> 
> With this behaviour of pdbedit the suggestion from the wiki to
> "script around" the commands "pdbedit -Lv" and "net groupmap list"
> does not help to find multiple users with the same SID. It should
> specifically tell that the output will not contain a "User SID" of
> those users, because nobody would expect that.
> 
> Does the comment from the wiki mean that a user could have the same
> SID as a group? That would require matching both, then the sentence
> makes sense.

Yes, just like Linux, A windows user can have the same ID as a group.
The relevant part part is the RID, this is analogous to a Unix UID or
GID.

Rowland

> 
> Klaus
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba