Ćukasz Michalski
2019-Jul-18  12:51 UTC
[Samba] getent passwd shows old name for renamed user
Hi, I renamed user 'foo' to 'bar' on my samba AD using an ADUC on a Windows2008 Server. Now on a samba member I see: # wbinfo -u .... bar # getent passwd .... foo:*:10001:10000:Some user:/home/bar:/bin/sh Home dir changed, but the a name is still old. What can I do to make getent show the new name? I am using winbind and ad backend, here is my smb.conf: [global] security = ADS workgroup = SAMDOM realm = SITE.SAMDOM.PL bind interfaces only = yes interfaces = lo eno2 vboxnet0 log file = /var/log/samba/%m.log log level = 1 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes winbind refresh tickets = Yes dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab username map = /etc/samba/user.map # Default ID mapping configuration for local BUILTIN accounts # and groups on a domain member. The default (*) domain: # - must not overlap with any domain ID mapping configuration! # - must use a read-write-enabled back end, such as tdb. idmap config * : backend = tdb idmap config * : range = 3000-7999 # - You must set a DOMAIN backend configuration # idmap config for the SAMDOM domain idmap config SAMDOM:backend = ad idmap config SAMDOM:schema_mode = rfc2307 idmap config SAMDOM:range = 10000-999999 idmap config SAMDOM:unix_nss_info = yes vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes Thanks, ?ukasz
Might have something to do with this bug: https://bugzilla.samba.org/show_bug.cgi?id=11482 You can find and make the relevant changes with ADSI Edit. Kris Lou klou at themusiclink.net On Thu, Jul 18, 2019 at 5:52 AM ?ukasz Michalski via samba < samba at lists.samba.org> wrote:> Hi, > > I renamed user 'foo' to 'bar' on my samba AD using an ADUC on a > Windows2008 Server. > > Now on a samba member I see: > > # wbinfo -u > .... > bar > > > # getent passwd > .... > foo:*:10001:10000:Some user:/home/bar:/bin/sh > > > Home dir changed, but the a name is still old. > What can I do to make getent show the new name? > > I am using winbind and ad backend, here is my smb.conf: > > [global] > security = ADS > workgroup = SAMDOM > realm = SITE.SAMDOM.PL > > bind interfaces only = yes > interfaces = lo eno2 vboxnet0 > > log file = /var/log/samba/%m.log > log level = 1 > > winbind enum users = yes > winbind enum groups = yes > > winbind use default domain = yes > > winbind refresh tickets = Yes > dedicated keytab file = /etc/krb5.keytab > kerberos method = secrets and keytab > > username map = /etc/samba/user.map > > # Default ID mapping configuration for local BUILTIN accounts > # and groups on a domain member. The default (*) domain: > # - must not overlap with any domain ID mapping configuration! > # - must use a read-write-enabled back end, such as tdb. > idmap config * : backend = tdb > idmap config * : range = 3000-7999 > # - You must set a DOMAIN backend configuration > # idmap config for the SAMDOM domain > idmap config SAMDOM:backend = ad > idmap config SAMDOM:schema_mode = rfc2307 > idmap config SAMDOM:range = 10000-999999 > idmap config SAMDOM:unix_nss_info = yes > > vfs objects = acl_xattr > map acl inherit = yes > store dos attributes = yes > > Thanks, > ?ukasz > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On 18/07/2019 17:36, Kris Lou via samba wrote:> Might have something to do with this bug: > https://bugzilla.samba.org/show_bug.cgi?id=11482 > > You can find and make the relevant changes with ADSI Edit. > >The problem is that renaming a user on Linux works the opposite way to Windows and neither renames everything. If you rename on Linux with ldbrename, it renames dn, cn, name and distinguishedname, it doesn't rename any other attributes, Windows renames everything except dn, cn, name and distinguishedname Rowland
Apparently Analagous Threads
- getent passwd shows old name for renamed user
- getent passwd shows old name for renamed user
- getent passwd shows old name for renamed user
- getent passwd shows old name for renamed user
- getent group does not list domain groups - question regarding default gidNumbers on PDC