Anton Renner
2016-Jan-12 13:21 UTC
[Samba] Failed to modify entry for user in samba with tdb backend
Hi Samba List I have the problem to modify an entry for a user in samba with tdb backend. My OS is OpenSuSE 13.1, Samba 4.1.21. Samba NT'Style, no AD, no LDAP, passdb backend = tdbsam I managed to delete a User in my NIS/passwd File before I deleted it in my Samba tdb. No the problem is, I can't modify the user because he does not exists, but can not add, because he exists. The problem seems to me related to the following mailing: https://lists.samba.org/archive/samba/2015-March/189740.html So I add the user in my NIS/passwd, but it does still not work. Example: server:~ # finger c360 Login: c360 Name: User C360 Directory: /var/lib/nobody Shell: /bin/false Never logged in. No Mail. No Plan. server:~ # pdbedit -L -v c360 Unix username: c360 NT username: Account Flags: [U ] User SID: S-1-5-21-1600395701-3193598224-1356783458-8526 Primary Group SID: S-1-5-21-1600395701-3193598224-1356783458-513 Full Name: Kunde C360 Home Directory: \\win1\winhome\c360 HomeDir Drive: P: Logon Script: logon.bat Profile Path: \\win1\profiles\c360 Domain: WINDY3 Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: 9223372036854775807 seconds since the Epoch Kickoff time: 9223372036854775807 seconds since the Epoch Password last set: Fre, 14 Okt 2011 06:31:31 CEST Password can change: Fre, 14 Okt 2011 06:31:31 CEST Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF server:~ # smbpasswd -x c360 Failed to delete entry for user c360. # smbpasswd -x -D 10 c360 INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 ... ... account_policy_get: name: maximum password age, val: -1 Finding user c360 Trying _Get_Pwnam(), username as lowercase is c360 Get_Pwnam_internals did find user [c360]! Opening cache file at /var/lib/samba/gencache.tdb Opening cache file at /var/lib/samba/gencache_notrans.tdb gid_to_sid: winbind failed to find a sid for gid 3263 LEGACY: gid 3263 -> sid S-1-22-2-3263 Forcing Primary Group to 'Domain Users' for c360 account_policy_get: name: password history, val: 0 pdb_set_username: setting username c360, was pdb_set_domain: setting domain WIN3, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name Kunde C360, was pdb_set_homedir: setting home dir \\win1\winhome\c360, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script logon.bat, was pdb_set_profile_path: setting profile path \\win1\profiles\c360, was pdb_set_workstations: setting workstations , was account_policy_get: name: password history, val: 0 pdb_set_user_sid: setting user sid S-1-5-21-1600395701-3193598224-1356783458-8526 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1600395701-3193598224-1356783458-8526 from rid 8526 pdb_set_group_sid: setting group sid S-1-5-21-1600395701-3193598224-1356783458-513 winbind failed to find a uid for sid S-1-5-21-1600395701-3193598224-1356783458-8526 lookup_global_sam_rid: looking up RID 8526. pdb_getsampwrid (TDB): error looking up RID 8526 by key RID_0000214e. Can't find a unix id for an unmapped group SID S-1-5-21-1600395701-3193598224-1356783458-8526 is or domain, but is unmapped LEGACY: mapping failed for sid S-1-5-21-1600395701-3193598224-1356783458-8526 Failed to delete entry for user c360. What can I do? Thank you Toni -- Freundliche Grüsse Anton Renner Systemadministrator
Rowland penny
2016-Jan-12 14:30 UTC
[Samba] Failed to modify entry for user in samba with tdb backend
On 12/01/16 13:21, Anton Renner wrote:> Hi Samba List > > I have the problem to modify an entry for a user in samba with tdb backend. > > My OS is OpenSuSE 13.1, Samba 4.1.21. Samba NT'Style, no AD, no LDAP, > passdb backend = tdbsam > > I managed to delete a User in my NIS/passwd File before I > deleted it in my Samba tdb. No the problem is, I can't modify the user > because he does not exists, but can not add, because he exists. > > The problem seems to me related to the following mailing: > https://lists.samba.org/archive/samba/2015-March/189740.html > > So I add the user in my NIS/passwd, but it does still not work. > > > Example: > server:~ # finger c360 > Login: c360 Name: User C360 > Directory: /var/lib/nobody Shell: /bin/false > Never logged in. > No Mail. > No Plan. > > > > server:~ # pdbedit -L -v c360 > Unix username: c360 > NT username: > Account Flags: [U ] > User SID: S-1-5-21-1600395701-3193598224-1356783458-8526 > Primary Group SID: S-1-5-21-1600395701-3193598224-1356783458-513 > Full Name: Kunde C360 > Home Directory: \\win1\winhome\c360 > HomeDir Drive: P: > Logon Script: logon.bat > Profile Path: \\win1\profiles\c360 > Domain: WINDY3 > Account desc: > Workstations: > Munged dial: > Logon time: 0 > Logoff time: 9223372036854775807 seconds since the Epoch > Kickoff time: 9223372036854775807 seconds since the Epoch > Password last set: Fre, 14 Okt 2011 06:31:31 CEST > Password can change: Fre, 14 Okt 2011 06:31:31 CEST > Password must change: never > Last bad password : 0 > Bad password count : 0 > Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF > > > server:~ # smbpasswd -x c360 > Failed to delete entry for user c360. > > > > > # smbpasswd -x -D 10 c360 > INFO: Current debug levels: > all: 10 > tdb: 10 > printdrivers: 10 > lanman: 10 > ... > ... > account_policy_get: name: maximum password age, val: -1 > Finding user c360 > Trying _Get_Pwnam(), username as lowercase is c360 > Get_Pwnam_internals did find user [c360]! > Opening cache file at /var/lib/samba/gencache.tdb > Opening cache file at /var/lib/samba/gencache_notrans.tdb > gid_to_sid: winbind failed to find a sid for gid 3263 > LEGACY: gid 3263 -> sid S-1-22-2-3263 > Forcing Primary Group to 'Domain Users' for c360 > account_policy_get: name: password history, val: 0 > pdb_set_username: setting username c360, was > pdb_set_domain: setting domain WIN3, was > pdb_set_nt_username: setting nt username , was > pdb_set_full_name: setting full name Kunde C360, was > pdb_set_homedir: setting home dir \\win1\winhome\c360, was > pdb_set_dir_drive: setting dir drive P:, was NULL > pdb_set_logon_script: setting logon script logon.bat, was > pdb_set_profile_path: setting profile path \\win1\profiles\c360, was > pdb_set_workstations: setting workstations , was > account_policy_get: name: password history, val: 0 > pdb_set_user_sid: setting user sid > S-1-5-21-1600395701-3193598224-1356783458-8526 > pdb_set_user_sid_from_rid: > setting user sid S-1-5-21-1600395701-3193598224-1356783458-8526 from > rid 8526 > pdb_set_group_sid: setting group sid > S-1-5-21-1600395701-3193598224-1356783458-513 > winbind failed to find a uid for sid > S-1-5-21-1600395701-3193598224-1356783458-8526 > lookup_global_sam_rid: looking up RID 8526. > pdb_getsampwrid (TDB): error looking up RID 8526 by key RID_0000214e. > Can't find a unix id for an unmapped group > SID S-1-5-21-1600395701-3193598224-1356783458-8526 is or domain, but is > unmapped > LEGACY: mapping failed for sid > S-1-5-21-1600395701-3193598224-1356783458-8526 > Failed to delete entry for user c360. > > > > > What can I do? > > Thank you > Toni > > >Well, pdbedit can see the user, so you could try 'pdbedit -x c360' Rowland
Anton Renner
2016-Jan-12 14:51 UTC
[Samba] Failed to modify entry for user in samba with tdb backend
Hi Rawland It does not work, though the user exists in the /etc/passwd: # pdbedit -x c360 Unable to delete user c360 # pdbedit -x -u c360 Unable to delete user c360 # grep c360 /etc/passwd c360:x:3763:3263:Kunde C360:/var/lib/nobody:/bin/false And the User is in my NIS # ypcat -k passwd |grep c360 c360 c360:x:3763:3263:Kunde C360:/var/lib/nobody:/bin/false> > Well, pdbedit can see the user, so you could try 'pdbedit -x c360' > > Rowland > >-- Freundliche Grüsse Anton Renner Systemadministrator RASEA RUAG Schweiz AG RUAG Aviation Schiltwaldstrasse 6032 Emmen · Switzerland Tel. +41 41 268 38 78 Fax +41 41 268 38 97 Mobile +41 79 206 01 06 Mailto:anton.renner at aerodynamics.ch Mailto:anton.renner at ruag.com http://www.ruag.com