Web lists-archives.com

[Samba] Got "I have no name!" error after deleting a samba user whose username is identical to the AD user




 Hi,

I am running Samba 4.3.11-Ubuntu on a cluster of Ubuntu 16.04 and Samba is
configured as an AD Server.

I got "I have no name!" error after deleting a samba user whose username is
identical to my Linux username (An AD user).

Here is how this happens:

The AD user is zhangyy (uid 12369).

1. We used `smbpasswd -a zhangyy` to created a new smb user.
2. We used `smbpasswd -x zhangyy` to delete the newly created smb user.

After doing this, I lost my username, and got the "I have no name!" error.
and id command showed "no such user" error. But I can get my username by
the micro $USER. It is weird.

After searching on Google for a while, I came to understand that idmapping
may be the problem.

Here are some useful outputs of wbinfo:


> I have no name!@bd21:~$ id
>
> uid=12369 gid=10513(domain users) groups=10513(domain
>> users),12369(zhangyy),14222(certsvc_dcom_access),1000002(BUILTIN\users)
>
> I have no name!@bd21:~$ wbinfo -n zhangyy
>
> S-1-5-21-2473489792-1370047036-1446391509-2369 SID_USER (1)
>
> I have no name!@bd21:~$ wbinfo --uid-to-sid=12369
>
> S-1-5-21-3437994910-1777336544-1996716333-1009
>
> I have no name!@bd21:~$ wbinfo --sid-to-uid=S-1-5-21-
>> 3437994910-1777336544-1996716333-1009
>
> 12369
>
> I have no name!@bd21:~$ wbinfo --sid-to-name=S-1-5-21-
>> 3437994910-1777336544-1996716333-1009
>
> failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
>
> Could not lookup sid S-1-5-21-3437994910-1777336544-1996716333-1009
>
> I have no name!@bd21:~$ wbinfo --sid-to-uid=S-1-5-21-
>> 2473489792-1370047036-1446391509-2369
>
> 12369
>
>
>
The sid of my user differed from that on the AD server. And the current sid
cannot be mapped to the name. (Is this the cause of losing my name)

 And I tried to fix the mapping by the following command but failed.

I have no name!@bd21:~$ wbinfo --set-uid-mapping=12369,S-1-5-
>> 21-2473489792-1370047036-1446391509-2369
>
> failed to call wbcSetUidMapping: WBC_ERR_NOT_IMPLEMENTED
>
> Could not create or modify uid to sid mapping
>
>
I also tried to delete winbindd_idmap.tdb and restart the computer but this
did not fix the uid-sid mapping.

And I also found that deleting a smb user whose username is identical to an
AD user will change AD user's sid (maybe locally?). But I don't know if
this is the cause of the problem.

I have put the smb.conf at the end of this email. And I need your help to
fix the problem.

Thank you very much.


smb.conf

[global]
>
>         security = ads
>
>         realm = LAB.ACT.BUAA.EDU.CN <http://lab.act.buaa.edu.cn/>
>
> # If the system doesn't find the domain controller automatically, you may
>> need the following line
>
>         password server = 192.168.0.3
>
> # note that workgroup is the 'short' domain name
>
>         workgroup = LAB
>
> #       winbind separator = +
>
>
>> idmap config * : backend        = tdb
>
> idmap config * : range          = 1000000-1999999
>
>
>> idmap config LAB : backend     = rid
>
> idmap config LAB : range       = 10000 - 49999
>
>
>> #        idmap uid = 10000-20000
>
> #        idmap gid = 10000-20000
>
>         winbind enum users = yes
>
>         winbind enum groups = yes
>
>         template homedir = /home/%D/%U
>
>         template shell = /bin/bash
>
>         client use spnego = yes
>
>         client ntlmv2 auth = yes
>
>         encrypt passwords = yes
>
>         winbind use default domain = yes
>
>         restrict anonymous = 2
>
>
Regards,

ZHANG Yangyang
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba