Web lists-archives.com

Re: [Samba] passdb.tdb shows no users in new 4.3.11-ubuntu install?




Rowland Penny via samba wrote:
On Tue, 12 Jun 2018 09:31:57 -0400
"David H. Durgee via samba" <samba@xxxxxxxxxxxxxxx> wrote:

I enabled logging at level 3 on my new 4.3.11-ubuntu (sylvia) system
to see why I was not opening a share properly from another system.
The log shows:

     [2018/06/11 20:49:13.418108,  3]
     ../source3/auth/auth.c:178(auth_check_ntlm_password)
        check_ntlm_password:  Checking password for unmapped user
     [AGI-NET]\[dhdurgee]@[Z560] with the new password interface
     [2018/06/11 20:49:13.418124,  3]
     ../source3/auth/auth.c:181(auth_check_ntlm_password)
        check_ntlm_password:  mapped user is:
[DG41TY]\[dhdurgee]@[Z560] [2018/06/11 20:49:13.418178,  3]
     ../source3/auth/check_samsec.c:400(check_sam_security)
        check_sam_security: Couldn't find user 'dhdurgee' in passdb.
     [2018/06/11 20:49:13.418201,  2]
     ../source3/auth/auth.c:315(auth_check_ntlm_password)
        check_ntlm_password:  Authentication for user [dhdurgee] ->
     [dhdurgee] FAILED with error NT_STATUS_NO_SUCH_USER
     [2018/06/11 20:49:13.428484,  3]
     ../source3/auth/auth_util.c:1602(do_map_to_guest_server_info)
        No such user dhdurgee [AGI-NET] - using guest account


So it appears that "dhdurgee" is not in passdb for some reason.
Checking this on that system shows:

     dhdurgee@DG41TY ~ $ sudo pdbedit --list --verbose
     [sudo] password for dhdurgee:
     WARNING: The "syslog" option is deprecated
     dhdurgee@DG41TY ~ $


So there are no users in passdb?  Doing the same on 3.6.25 (maya)
shows unix users nobody and dhdurgee as expected.

Is the passdb compatible between the two?  Can I simply copy the
3.6.25 version over the 4.3.11 one?  Shouldn't the passdb have been
initialized properly when samba was installed?  Is there an
initialization utility to run to do so? The 3.6.25 version of
passdb.tdb is 36864 bytes while the 4.3.11 version is 421888 bytes
respectively.

Dave
Welcome to the wonderful world of running Samba as a standalone
server ;-)

You need to create your users and groups on the new server, both as
Unix & Samba users and groups, you will also have to add users to the
required groups. You will also have ensure that the connecting user has
the same password as the Samba user. This can quickly become a pain,
such as when a connecting user changes their password, you need to come
up with a way to also change the users Samba password as well.

You may be able to copy the Samba tdb files from one server to the
other, I am unsure because I have never tried it, I abandoned standalone
servers so time ago.

Rowland

Ah, I was wondering about that.  Do the tdb files need to be copied as a set?  Given my 3.6.25 standalone is working as it should this certainly seems the first thing to try.

Dave

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba