Web lists-archives.com

Re: [Samba] passdb.tdb shows no users in new 4.3.11-ubuntu install?




On Tue, 12 Jun 2018 09:31:57 -0400
"David H. Durgee via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> I enabled logging at level 3 on my new 4.3.11-ubuntu (sylvia) system
> to see why I was not opening a share properly from another system.
> The log shows:
> 
>     [2018/06/11 20:49:13.418108,  3]
>     ../source3/auth/auth.c:178(auth_check_ntlm_password)
>        check_ntlm_password:  Checking password for unmapped user
>     [AGI-NET]\[dhdurgee]@[Z560] with the new password interface
>     [2018/06/11 20:49:13.418124,  3]
>     ../source3/auth/auth.c:181(auth_check_ntlm_password)
>        check_ntlm_password:  mapped user is:
> [DG41TY]\[dhdurgee]@[Z560] [2018/06/11 20:49:13.418178,  3]
>     ../source3/auth/check_samsec.c:400(check_sam_security)
>        check_sam_security: Couldn't find user 'dhdurgee' in passdb.
>     [2018/06/11 20:49:13.418201,  2]
>     ../source3/auth/auth.c:315(auth_check_ntlm_password)
>        check_ntlm_password:  Authentication for user [dhdurgee] ->
>     [dhdurgee] FAILED with error NT_STATUS_NO_SUCH_USER
>     [2018/06/11 20:49:13.428484,  3]
>     ../source3/auth/auth_util.c:1602(do_map_to_guest_server_info)
>        No such user dhdurgee [AGI-NET] - using guest account
> 
> 
> So it appears that "dhdurgee" is not in passdb for some reason.
> Checking this on that system shows:
> 
>     dhdurgee@DG41TY ~ $ sudo pdbedit --list --verbose
>     [sudo] password for dhdurgee:
>     WARNING: The "syslog" option is deprecated
>     dhdurgee@DG41TY ~ $
> 
> 
> So there are no users in passdb?  Doing the same on 3.6.25 (maya)
> shows unix users nobody and dhdurgee as expected.
> 
> Is the passdb compatible between the two?  Can I simply copy the
> 3.6.25 version over the 4.3.11 one?  Shouldn't the passdb have been
> initialized properly when samba was installed?  Is there an
> initialization utility to run to do so? The 3.6.25 version of
> passdb.tdb is 36864 bytes while the 4.3.11 version is 421888 bytes
> respectively.
> 
> Dave

Welcome to the wonderful world of running Samba as a standalone
server ;-)

You need to create your users and groups on the new server, both as
Unix & Samba users and groups, you will also have to add users to the
required groups. You will also have ensure that the connecting user has
the same password as the Samba user. This can quickly become a pain,
such as when a connecting user changes their password, you need to come
up with a way to also change the users Samba password as well.

You may be able to copy the Samba tdb files from one server to the
other, I am unsure because I have never tried it, I abandoned standalone
servers so time ago.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba