I have Samba 3.0.0rc1 installed on a linux server DC-01 and it's configured as a PDC. The only share it has is netlogon. Users are stored in an LDAP passdb. All our users' home directories are on a second linux server, FS-01. It's been joined to the domain (command "sudo net join -U Administrator", which is the name of the "root" account). And here's a snippet from it's smb.conf: bash-2.05$ testparm Processing section "[homes]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER # Global parameters [global] workgroup = CAMPUS netbios name = FS-01 security = DOMAIN client lanman auth = No client plaintext auth = No name resolve order = wins os level = 0 preferred master = No local master = No domain master = No wins server = wins.uwrf.edu If I logon to the domain from an XP machine and pull up the properties|security on one of my files, it shows the following in the "Group or user names" box: * Group icon for Everyone * User? icon with a SID listed * Group icon with the name of my group listed Why do I get the User? icon with the SID showing? The SID appears to be the localsid for FS-01 (where the homes share is located). From FS-01: bash-2.05$ sudo net getlocalsid CAMPUS SID for domain CAMPUS is: S-1-5-21-1347140671-2256076281-2964443892 bash-2.05$ sudo net getlocalsid SID for domain FS-01 is: S-1-5-21-3124996394-1784840607-3979961563 The User? SID is S-1-5-21-3124996394-1784840607-3979961563-10808 I was expecting the User icon with my login name since this is supposed to be a single domain with single users/groups. If I look at a file on \\DC-01\netlogon, I see my name and group. Is there some step I've missed in setting up the homes server? -- Marlys A. Nelson Sr. Network Specialist Information Technology Services Network Services University of Wisconsin - River Falls 715/425-4357 410 South Third Street Email: Marlys.A.Nelson@uwrf.edu River Falls WI 54022 http://www.uwrf.edu/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1> Message: 15 > Date: Sun, 17 Aug 2003 19:03:39 -0500 > From: Marlys Nelson <Marlys.A.Nelson@uwrf.edu> > Subject: [Samba] Samba 3.0.0rc1 and 2 servers - PDC and homes > To: samba@lists.samba.org > Message-ID: <3F4017DB.4060707@uwrf.edu> > Content-Type: text/plain; charset=us-ascii; format=flowed > > I have Samba 3.0.0rc1 installed on a linux server DC-01 and it'sconfigured as> a PDC. The only share it has is netlogon. Users are stored in an LDAPpassdb.> > All our users' home directories are on a second linux server, FS-01.It's> been joined to the domain (command "sudo net join -U Administrator",which is> the name of the "root" account). And here's a snippet from it's smb.conf: >[..]> > If I logon to the domain from an XP machine and pull up the > properties|security on one of my files, it shows the following in the"Group> or user names" box: > * Group icon for Everyone > * User? icon with a SID listed > * Group icon with the name of my group listed > > Why do I get the User? icon with the SID showing? The SID appears tobe the> localsid for FS-01 (where the homes share is located). > > From FS-01: > bash-2.05$ sudo net getlocalsid CAMPUS > SID for domain CAMPUS is: S-1-5-21-1347140671-2256076281-2964443892 > bash-2.05$ sudo net getlocalsid > SID for domain FS-01 is: S-1-5-21-3124996394-1784840607-3979961563 > > The User? SID is S-1-5-21-3124996394-1784840607-3979961563-10808 > > I was expecting the User icon with my login name since this issupposed to be> a single domain with single users/groups. If I look at a file on > \\DC-01\netlogon, I see my name and group. Is there some step I'vemissed in> setting up the homes server? >This looks exactly like what I am seeing with a samba-3.0.0rc1 member in a samba-2.2.8a domain, and seems to be this bug: https://bugzilla.samba.org/show_bug.cgi?id=245 With samba-2.2.x (instead of 3.0.0rc1) on the (same) member server, the SID is resolved correctly, and Win2ksp3 shows the username/gecos correctly. Jerry asked for level 10 logs for this, I will be sending him some shortly ... Regards, Buchan - -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/QSCYrJK6UGDSBKcRAmpeAJ9DNAuyVK5YnF7qiS4G9c+njiXofACgqkyB B3AzgS7VI/y1FkwL/pCnZvg=NJzk -----END PGP SIGNATURE----- ****************************************************************** Please click on http://www.cae.co.za/disclaimer.htm to read our e-mail disclaimer or send an e-mail to info@cae.co.za for a copy. ******************************************************************
Gerald (Jerry) Carter
2003-Aug-22 15:00 UTC
[Samba] Samba 3.0.0rc1 and 2 servers - PDC and homes
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 18 Aug 2003, Buchan Milne wrote:> > If I logon to the domain from an XP machine and pull up the > > properties|security on one of my files, it shows the following in the > > "Group or user names" box: > > * Group icon for Everyone > > * User? icon with a SID listed > > * Group icon with the name of my group listedThis should be fixed in the latest SAMBA_3_0 cvs. Please test. cheers, jerry ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "You can never go home again, Oatman, but I guess you can shop there." --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/RjAZIR7qMdg1EfYRAs6pAJ9EA7TsQIhf/olTGi7PdpC7O7rmcQCg223Z nvr5ujSiqoUgKXoSJ5KHejQ=MSsG -----END PGP SIGNATURE-----