Hello! My file server is running ubuntu samba 4.3.0 and today started the problem that my IDs have changed and this caused countless problems. In the logs I have the following: Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 07.605992, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find domain 'Unix Group'. Check connection to trusted domains! Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 07.606582, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find domain 'Unix Group'. Check connection to trusted domains! Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 07.739510, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find domain 'Unix Group'. Check connection to trusted domains! Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 07.743113, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find domain 'Unix Group'. Check connection to trusted domains! my smb.conf [global] netbios name = FILESERVER workgroup = SERVER security = ADS realm = MYDOMAIN dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab idmap config *: backend = tdb # I changed values for test idmap config *: range = 100000-9999999 idmap config SERVERAD: backend = rid # I changed values for test idmap config SERVERAD: range = 1000000000 to 9999999999 idmap_ldb: use RFC2307 = Yes winbind nss info = RFC2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes winbind refresh tickets = Yes winbind cache time = 10 # Needed for Fileserver vfs objects = acl_xattr map acl inherit = Yes store the attributes = Yes # Disable Cups load printers = no printing = bsd printcap name = / dev / null spoolss disable = yes I think the problem is that the ID are conflicting with the system: id user01 uid = 11458 (user01) gid = 10513 (domain users) groups = 10513 (domain users), 11458 (user01), 18249 (almox_grupo), 5001 (BUILTIN \ users) Thanks!!
On 12/07/16 20:03, Carlos A. P. Cunha wrote:> Hello! > > My file server is running ubuntu samba 4.3.0 and today started the > problem that my IDs have changed and this caused countless problems. > In the logs I have the following: > > Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: > 07.605992, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) > Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find > domain 'Unix Group'. Check connection to trusted domains! > Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: > 07.606582, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) > Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find > domain 'Unix Group'. Check connection to trusted domains! > Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: > 07.739510, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) > Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find > domain 'Unix Group'. Check connection to trusted domains! > Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: > 07.743113, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) > Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find > domain 'Unix Group'. Check connection to trusted domains! > > > my smb.conf > > [global] > > netbios name = FILESERVER > workgroup = SERVER > security = ADS > > realm = MYDOMAIN > dedicated keytab file = /etc/krb5.keytab > kerberos method = secrets and keytab > > > idmap config *: backend = tdb > # I changed values for test > idmap config *: range = 100000-9999999 > idmap config SERVERAD: backend = rid > # I changed values for test > idmap config SERVERAD: range = 1000000000 to 9999999999 > idmap_ldb: use RFC2307 = Yes > > winbind nss info = RFC2307 > winbind trusted domains only = no > winbind use default domain = yes > winbind enum users = yes > winbind enum groups = yes > winbind refresh tickets = Yes > winbind cache time = 10 > > # Needed for Fileserver > vfs objects = acl_xattr > map acl inherit = Yes > store the attributes = Yes > > # Disable Cups > load printers = no > printing = bsd > printcap name = / dev / null > spoolss disable = yes > > > I think the problem is that the ID are conflicting with the system: > > id user01 > uid = 11458 (user01) gid = 10513 (domain users) groups = 10513 (domain > users), 11458 (user01), 18249 (almox_grupo), 5001 (BUILTIN \ users) > > > Thanks!!Hi, your 'id' command is showing this: uid = 11458(user01) and groups = 11458(user01) How is this occurring ? Do you have a user or group called 'user01' in AD that is also in /etc/passwd ? If this is the case, you need to decide which one to keep and delete the other, users/groups cannot exist in AD and /etc/passwd. Rowland
Hello! My User is only in AD, the passwd see some User (system) with high GID in the same range of Samba Example: statd: x: 108: 65534 :: / var / lib / nfs: / bin / false My fear is that change again and lose everything again permissions, which had to redo everything ... Thank you Em 12-07-2016 16:21, Rowland penny escreveu:> On 12/07/16 20:03, Carlos A. P. Cunha wrote: >> Hello! >> >> My file server is running ubuntu samba 4.3.0 and today started the >> problem that my IDs have changed and this caused countless problems. >> In the logs I have the following: >> >> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: >> 07.605992, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) >> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find >> domain 'Unix Group'. Check connection to trusted domains! >> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: >> 07.606582, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) >> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find >> domain 'Unix Group'. Check connection to trusted domains! >> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: >> 07.739510, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) >> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find >> domain 'Unix Group'. Check connection to trusted domains! >> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: >> 07.743113, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent) >> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find >> domain 'Unix Group'. Check connection to trusted domains! >> >> >> my smb.conf >> >> [global] >> >> netbios name = FILESERVER >> workgroup = SERVER >> security = ADS >> >> realm = MYDOMAIN >> dedicated keytab file = /etc/krb5.keytab >> kerberos method = secrets and keytab >> >> >> idmap config *: backend = tdb >> # I changed values for test >> idmap config *: range = 100000-9999999 >> idmap config SERVERAD: backend = rid >> # I changed values for test >> idmap config SERVERAD: range = 1000000000 to 9999999999 >> idmap_ldb: use RFC2307 = Yes >> >> winbind nss info = RFC2307 >> winbind trusted domains only = no >> winbind use default domain = yes >> winbind enum users = yes >> winbind enum groups = yes >> winbind refresh tickets = Yes >> winbind cache time = 10 >> >> # Needed for Fileserver >> vfs objects = acl_xattr >> map acl inherit = Yes >> store the attributes = Yes >> >> # Disable Cups >> load printers = no >> printing = bsd >> printcap name = / dev / null >> spoolss disable = yes >> >> >> I think the problem is that the ID are conflicting with the system: >> >> id user01 >> uid = 11458 (user01) gid = 10513 (domain users) groups = 10513 >> (domain users), 11458 (user01), 18249 (almox_grupo), 5001 (BUILTIN \ >> users) >> >> >> Thanks!! > > Hi, your 'id' command is showing this: uid = 11458(user01) and groups > = 11458(user01) > How is this occurring ? > Do you have a user or group called 'user01' in AD that is also in > /etc/passwd ? > If this is the case, you need to decide which one to keep and delete > the other, users/groups cannot exist in AD and /etc/passwd. > > Rowland >