Mario Wolff
2009-Sep-09 14:45 UTC
[Samba] Samba update 3.0.14a to 3.2.5 -> machine needs unix account!?!
Hi list, i've updated from 3.0.14a to 3.2.5 using a PDC-LDAP-setup. With 3.0.14a the "Primary Group SID" value was taken from LDAP's machine account entry. #pdbedit -Lv machine$ -d 10 ... ... smbldap_search: base => [o=mybase], filter => [(&(uid=machine$)(objectclass=sambaSamAccount))], scope => [2] init_sam_from_ldap: Entry found for user: machine$ pdb_set_username: setting username machine$, was pdb_set_domain: setting domain MYDOM, was pdb_set_nt_username: setting nt username machine$, was pdb_set_user_sid_from_string: setting user sid S-<mysid>-7842 pdb_set_user_sid: setting user sid S-<mysid>-7842 pdb_set_group_sid_from_string: setting group sid S-<mysid>-515 pdb_set_group_sid: setting group sid S-<mysid>-515 ... ... The 3.2.5 try's to resolv the unix-account to get the group! The pdb_set_group_sid are missing! To workarround i've modifyed my libnss_ldap.conf to include the computers-tree of my ldap. We have much scripts that itterate our users by "getent passwd|while read...." so it's not possible to keep all machines as unix-accounts! Why has this changed? Ist there any way to get the old style back? Thanks a lot! Regards, Mario
Possibly Parallel Threads
Wisdom of the Ancients
