Web lists-archives.com

Re: [Samba] passdb.tdb shows no users in new 4.3.11-ubuntu install?

Rowland Penny via samba wrote:
On Tue, 12 Jun 2018 11:56:14 -0400
"David H. Durgee via samba" <samba@xxxxxxxxxxxxxxx> wrote:

Rowland Penny via samba wrote:
On Tue, 12 Jun 2018 09:31:57 -0400
"David H. Durgee via samba" <samba@xxxxxxxxxxxxxxx> wrote:

I enabled logging at level 3 on my new 4.3.11-ubuntu (sylvia)
system to see why I was not opening a share properly from another
system. The log shows:

      [2018/06/11 20:49:13.418108,  3]
         check_ntlm_password:  Checking password for unmapped user
      [AGI-NET]\[dhdurgee]@[Z560] with the new password interface
      [2018/06/11 20:49:13.418124,  3]
         check_ntlm_password:  mapped user is:
[DG41TY]\[dhdurgee]@[Z560] [2018/06/11 20:49:13.418178,  3]
         check_sam_security: Couldn't find user 'dhdurgee' in
passdb. [2018/06/11 20:49:13.418201,  2]
         check_ntlm_password:  Authentication for user [dhdurgee] ->
      [dhdurgee] FAILED with error NT_STATUS_NO_SUCH_USER
      [2018/06/11 20:49:13.428484,  3]
         No such user dhdurgee [AGI-NET] - using guest account

So it appears that "dhdurgee" is not in passdb for some reason.
Checking this on that system shows:

      dhdurgee@DG41TY ~ $ sudo pdbedit --list --verbose
      [sudo] password for dhdurgee:
      WARNING: The "syslog" option is deprecated
      dhdurgee@DG41TY ~ $

So there are no users in passdb?  Doing the same on 3.6.25 (maya)
shows unix users nobody and dhdurgee as expected.

Is the passdb compatible between the two?  Can I simply copy the
3.6.25 version over the 4.3.11 one?  Shouldn't the passdb have been
initialized properly when samba was installed?  Is there an
initialization utility to run to do so? The 3.6.25 version of
passdb.tdb is 36864 bytes while the 4.3.11 version is 421888 bytes

Welcome to the wonderful world of running Samba as a standalone
server ;-)

You need to create your users and groups on the new server, both as
Unix & Samba users and groups, you will also have to add users to
the required groups. You will also have ensure that the connecting
user has the same password as the Samba user. This can quickly
become a pain, such as when a connecting user changes their
password, you need to come up with a way to also change the users
Samba password as well.

You may be able to copy the Samba tdb files from one server to the
other, I am unsure because I have never tried it, I abandoned
standalone servers so time ago.

Ah, I was wondering about that.  Do the tdb files need to be copied
as a set?  Given my 3.6.25 standalone is working as it should this
certainly seems the first thing to try.


I don't know, I migrated to Samba AD, because it is easier to maintain,
there is only one place to maintain users & passwords.

All I can suggest is to try it, backup everything, then replace
everything in /var/lib/samba (if that's where Samba lives ;-)

ITS ALIVE!  Copying all the .tdb files from /var/lib/samba on my 3.6.25 partition to replace their 4.3.11 counterparts has corrected the problems I have been encountering with the new samba release. Thanks to everyone who contributed in helping me solve this issue. On to other problems with the new system.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba