Heinz Allerberger
2009-Nov-04 16:32 UTC
[Samba] Problems with tdb-database after migration from Debian-Samba-3.2.5-4lenny6 to Samba-3.2.5-4lenny7
Hi there ... I have a problem with my tdb-database after I've migrated from Debian-Samba-3.2.5-4lenny6 to Samba-3.2.5-4lenny7. All the old directories /etc/samba with the smb.conf and /var/lib/samba with the tdb-database has been hold. Now I've inexplicable effects with my tdb-database. - I cannot list my admin - user, which is the domain-administrator, in my passwd.tdb. - I cannot attach any longer WindowsWorkstations to my domain. 1.) My samba-version: myserver1:~# apt-cache policy samba samba: Installiert: 2:3.2.5-4lenny7 2.)Problem with pdbedit -L : myserver1:~# pdbedit -L | grep admin myserver1:~#>>> You see, there is nothing....3.) But pdbedit -u admin -v is successful: myserver1:/etc/samba# pdbedit -u admin -v Unix username: admin NT username: Account Flags: [U ] User SID: S-1-5-21-1656000120-2433418590-619812953-500 Primary Group SID: S-1-5-21-1656000120-2433418590-619812953-513 Full Name: Home Directory: \\myserver1\admin\win HomeDir Drive: U: Logon Script: logon.cmd Profile Path: \\myserver1\profiles\admin Domain: MYDOMAIN Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: never Kickoff time: 0 Password last set: Mi, 06 Aug 2008 10:19:23 CEST Password can change: Mi, 06 Aug 2008 10:19:23 CEST Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 4.) Samba group-mapping: myserver1:/etc/samba# net groupmap list Domain Admins (S-1-5-21-1656000120-2433418590-619812953-512) -> domadmins 5.) real Unix-group: myserver1:/etc# cat group | grep domadmins domadmins:x:512:admin 6)# List rpc privileges on an Samba: myserver1:/etc# net rpc rights list accounts -U admin -S 192.168.1.200 Enter admin's password: BUILTIN\Print Operators No privileges assigned BUILTIN\Account Operators No privileges assigned BUILTIN\Backup Operators No privileges assigned BUILTIN\Server Operators No privileges assigned BUILTIN\Administrators SeMachineAccountPrivilege SeTakeOwnershipPrivilege SeBackupPrivilege SeRestorePrivilege SeRemoteShutdownPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeDiskOperatorPrivilege Everyone No privileges assigned --------------------------------------------------------------------------- 7.) Here are the global settings of my smb.conf: [global] unix charset = ISO8859-1 workgroup = MYDOMAIN netbios aliases = myserver1 server string = %h update encrypted = Yes obey pam restrictions = Yes passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 add user script = /usr/sbin/adduser.sh -p -u "%u" -n "%u" delete user script = /usr/sbin/userdel "%u" add group script = /usr/local/bin/smbgrpadd.sh "%g" delete group script = /usr/sbin/groupdel "%g" add user to group script = /usr/bin/gpasswd -a "%u" "%g" delete user from group script = /usr/bin/gpasswd -d "%u" "%g" set primary group script = /usr/sbin/usermod -g "%g" "%u" add machine script = /usr/sbin/addmachine.sh -u %u logon script = logon.cmd logon path = \\%N\profiles\%U logon drive = U: logon home = \\%N\%U\win domain logons = Yes os level = 65 preferred master = Yes domain master = Yes dns proxy = No ldap ssl = no panic action = /usr/share/samba/panic-action %d invalid users = root -----------------End of global settings -------- Does anyone have an idea what the reason of this strange behaver of my passwd.tdb ist? I believe, when this is fixed, the problem with the attachment of new WindowsWorkstations to the domain will also be solved. -- Regards Heinz Allerberger
Possibly Parallel Threads
Wisdom of the Ancients
