Using ldap as my sam backend and Samba 3.0.0-2, I'm showing that samba stops parsing a RID when it encounters a letter. For example, I have an accounting group with gid 2771 and therefore rid ad3. When I list the groups in the samba domain, however, I get this listing: Domain Admins (DOMAINSID-512) -> Domain Admins Domain Users (DOMAINSID-513) -> Domain Users Domain Guests (DOMAINSID-514) -> Domain Guests marketing (DOMAINSID-0) -> marketing support (DOMAINSID-0) -> support sales (DOMAINSID-0) -> sales integrators (DOMAINSID-0) -> integrators accounting (DOMAINSID-0) -> accounting All of the groups showing RID 0 have RIDs that begin with a letter. This behavior applies to every entry in the SAM. What's going on here? -- Michael D. Jurney mike@jurney.org
On Thu, 13 Nov 2003 mike@jurney.org wrote:> > Using ldap as my sam backend and Samba 3.0.0-2, I'm showing that samba > stops parsing a RID when it encounters a letter. For example, I have an > accounting group with gid 2771 and therefore rid ad3. When I list the > groups in the samba domain, however, I get this listing: > > Domain Admins (DOMAINSID-512) -> Domain Admins > Domain Users (DOMAINSID-513) -> Domain Users > Domain Guests (DOMAINSID-514) -> Domain Guests > marketing (DOMAINSID-0) -> marketing > support (DOMAINSID-0) -> support > sales (DOMAINSID-0) -> sales > integrators (DOMAINSID-0) -> integrators > accounting (DOMAINSID-0) -> accounting > > All of the groups showing RID 0 have RIDs that begin with a letter. This > behavior applies to every entry in the SAM. What's going on here?Please file a bug report on https://bugzilla.samba.org This is a bug. - John T. -- John H Terpstra Email: jht@samba.org
On Thu, 13 Nov 2003 mike@jurney.org wrote:> > Using ldap as my sam backend and Samba 3.0.0-2, I'm showing that samba > stops parsing a RID when it encounters a letter. For example, I have an > accounting group with gid 2771 and therefore rid ad3. When I list the > groups in the samba domain, however, I get this listing: > > Domain Admins (DOMAINSID-512) -> Domain Admins > Domain Users (DOMAINSID-513) -> Domain Users > Domain Guests (DOMAINSID-514) -> Domain Guests > marketing (DOMAINSID-0) -> marketing > support (DOMAINSID-0) -> support > sales (DOMAINSID-0) -> sales > integrators (DOMAINSID-0) -> integrators > accounting (DOMAINSID-0) -> accounting > > All of the groups showing RID 0 have RIDs that begin with a letter. This > behavior applies to every entry in the SAM. What's going on here?After discussion, it turns out that this isn't a bug - I was synthesizing usee SIDs by appenting the _hexadecimal_ RID to the domain SID. I modified my migration scripts to convert the (hex) rid: attribute in my current ldap SAM to decimal, which resolved the problem. Thanks everyone for your help. -- Michael D. Jurney mike@jurney.org