samba - Sep 2011 - Samba 3.5.4 and duplicated UIDs after connection to ADS domain

Hello,

I have connected Samba 3.5.4 to Windows 2008 R2 domain and Samba has
allocated the same UID number for several users from ADS ? I think each
user should have unique UID number.

Do you know what can cause the problem ?

cat /etc/smb.conf

[global]
??????? netbios name = san01
??????? workgroup = DEVEL
??????? server string = SAN Server
??????? security = ADS
??????? password server = kerberos.server
??????? realm = DEVEL.LOCAL
??????? allow trusted domains = no

#?????? interfaces = 127.0.0.1 eth0
??????? bind interfaces only = True

??????? lock directory = /usr/local/samba/var/locks
??????? usershare path = /usr/local/samba/var/locks/usershares

??????? encrypt passwords = Yes
??????? use spnego = yes
??????? domain logons = no

??????? obey pam restrictions = Yes
??????? passwd program = /usr/bin/passwd %u
??????? passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
??????? log level = 1
??????? syslog = 0
??????? log file = /var/log/samba/log.%m
??????? max log size = 6000
??????? socket options = TCP_NODELAY IPTOS_LOWDELAY
??????? keep alive = 10
??????? os level = 0
??????? local master = no
??????? preferred master = no
??????? domain master = False
??????? dns proxy = No
??????? invalid users = root whell
??????? deadtime = 0
??????? create mask = 0777
??????? directory mask = 0777
??????? inherit permissions = yes
??????? map acl inherit = yes
??????? inherit acls = yes
??????? locking = yes
??????? admin users ??????? map hidden = no
??????? map system = no
??????? map archive = no
??????? store dos attributes = yes
??????? guest account = guest
??????? map to guest = bad password
??????? printable = no
??????? restrict anonymous = yes
??????? follow symlinks = yes
??????? wide links = no
??????? dos charset = CP852
??????? display charset = UTF8
??????? wins server ??????? pid directory = /tmp
??????? force unknown acl user = yes
? ? ? ? winbind separator = +
??????? winbind uid = 101-2000000
??????? winbind gid = 101-2000000
??????? winbind enum users = yes
??????? winbind enum groups = yes
??????? template homedir = /home/winnt/%D/%U
??????? template shell = /bin/bash

??????? enable asu support = Yes
#?????? enable svcctl ??????? printcap cache time = 0
??????? acl check permissions = Yes
#?????? acl group control = No
??????? dos filemode = Yes
??????? acl map full control = Yes
??????? inherit owner = No

??????? ldap admin dn= "cn=admin,dc=server,dc=nas"
??????? ldap suffix= "dc=server,dc=nas"
??????? #ldap server= 127.0.0.1
??????? passdb backend = ldapsam:ldap://127.0.0.1:389
#?????? ldap port= 389
??????? ldap ssl= no
??????
??????? lanman auth = yes
??????? client lanman auth = yes
??????? client plaintext auth = yes
??????? max stat cache size = 1024
??????? smb encrypt = disabled
??????? unix extensions = no

[share]
??????? path = /volume/samba
??????? comment ??????? guest ok = No
??????? read only = NO
??????? browseable = YES
??????? printable = No
??????? valid users = "DEVEL+user2000","DEVEL+user1999"
??????? case sensitive = no
??????? default case = lower
??????? preserve case = yes
??????? short preserve case = yes


??????? inherit owner = NO
??????? inherit acls = YES
??????? inherit permissions = YES
??????? locking = YES
??????? map acl inherit = YES

cat /etc/nsswitch.conf

passwd:???????? files winbind
group:????????? files winbind
shadow:???????? files

hosts:????????? files dns
networks:?????? files

protocols:????? db files
services:?????? db files
ethers:???????? db files
rpc:??????????? db files

netgroup:?????? nis


Best Regards
Adrian Berlin

-- 
You Rock! Your E-Mail Should Too! Signup Now at Rock.com and get 2GB of Storage!

http://connections.rock.com/user/displayUserRegisterPage.kickAction?as=116748&STATUS=MAIN