Web lists-archives.com

Re: [Samba] passdb.tdb shows no users in new 4.3.11-ubuntu install?




On Tue, 12 Jun 2018 14:23:14 -0400
"David H. Durgee via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> Rowland Penny via samba wrote:
> > On Tue, 12 Jun 2018 11:56:14 -0400
> > "David H. Durgee via samba" <samba@xxxxxxxxxxxxxxx> wrote:
> >
> >> Rowland Penny via samba wrote:
> >>> On Tue, 12 Jun 2018 09:31:57 -0400
> >>> "David H. Durgee via samba" <samba@xxxxxxxxxxxxxxx> wrote:
> >>>
> >>>> I enabled logging at level 3 on my new 4.3.11-ubuntu (sylvia)
> >>>> system to see why I was not opening a share properly from another
> >>>> system. The log shows:
> >>>>
> >>>>       [2018/06/11 20:49:13.418108,  3]
> >>>>       ../source3/auth/auth.c:178(auth_check_ntlm_password)
> >>>>          check_ntlm_password:  Checking password for unmapped
> >>>> user [AGI-NET]\[dhdurgee]@[Z560] with the new password interface
> >>>>       [2018/06/11 20:49:13.418124,  3]
> >>>>       ../source3/auth/auth.c:181(auth_check_ntlm_password)
> >>>>          check_ntlm_password:  mapped user is:
> >>>> [DG41TY]\[dhdurgee]@[Z560] [2018/06/11 20:49:13.418178,  3]
> >>>>       ../source3/auth/check_samsec.c:400(check_sam_security)
> >>>>          check_sam_security: Couldn't find user 'dhdurgee' in
> >>>> passdb. [2018/06/11 20:49:13.418201,  2]
> >>>>       ../source3/auth/auth.c:315(auth_check_ntlm_password)
> >>>>          check_ntlm_password:  Authentication for user
> >>>> [dhdurgee] -> [dhdurgee] FAILED with error NT_STATUS_NO_SUCH_USER
> >>>>       [2018/06/11 20:49:13.428484,  3]
> >>>>       ../source3/auth/auth_util.c:1602(do_map_to_guest_server_info)
> >>>>          No such user dhdurgee [AGI-NET] - using guest account
> >>>>
> >>>>
> >>>> So it appears that "dhdurgee" is not in passdb for some reason.
> >>>> Checking this on that system shows:
> >>>>
> >>>>       dhdurgee@DG41TY ~ $ sudo pdbedit --list --verbose
> >>>>       [sudo] password for dhdurgee:
> >>>>       WARNING: The "syslog" option is deprecated
> >>>>       dhdurgee@DG41TY ~ $
> >>>>
> >>>>
> >>>> So there are no users in passdb?  Doing the same on 3.6.25 (maya)
> >>>> shows unix users nobody and dhdurgee as expected.
> >>>>
> >>>> Is the passdb compatible between the two?  Can I simply copy the
> >>>> 3.6.25 version over the 4.3.11 one?  Shouldn't the passdb have
> >>>> been initialized properly when samba was installed?  Is there an
> >>>> initialization utility to run to do so? The 3.6.25 version of
> >>>> passdb.tdb is 36864 bytes while the 4.3.11 version is 421888
> >>>> bytes respectively.
> >>>>
> >>>> Dave
> >>> Welcome to the wonderful world of running Samba as a standalone
> >>> server ;-)
> >>>
> >>> You need to create your users and groups on the new server, both
> >>> as Unix & Samba users and groups, you will also have to add users
> >>> to the required groups. You will also have ensure that the
> >>> connecting user has the same password as the Samba user. This can
> >>> quickly become a pain, such as when a connecting user changes
> >>> their password, you need to come up with a way to also change the
> >>> users Samba password as well.
> >>>
> >>> You may be able to copy the Samba tdb files from one server to the
> >>> other, I am unsure because I have never tried it, I abandoned
> >>> standalone servers so time ago.
> >>>
> >>> Rowland
> >> Ah, I was wondering about that.  Do the tdb files need to be copied
> >> as a set?  Given my 3.6.25 standalone is working as it should this
> >> certainly seems the first thing to try.
> >>
> >> Dave
> >>
> > I don't know, I migrated to Samba AD, because it is easier to
> > maintain, there is only one place to maintain users & passwords.
> >
> > All I can suggest is to try it, backup everything, then replace
> > everything in /var/lib/samba (if that's where Samba lives ;-)
> >
> > Rowland
> ITS ALIVE!  Copying all the .tdb files from /var/lib/samba on my
> 3.6.25 partition to replace their 4.3.11 counterparts has corrected
> the problems I have been encountering with the new samba release.
> Thanks to everyone who contributed in helping me solve this issue. On
> to other problems with the new system.
> 
> Dave
> 

This sort of begs the question, why did you think it would work without
users & groups, or did you think they would migrate from one server to
the other by something like osmosis ?

I (and I would think, everybody else) would never imagine that you
wouldn't create the users and groups on the new standalone server.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba