Am 09.05.2012 06:19, schrieb Andrew Bartlett:>> I also found old postings with the information, that samba creates the >> sambaSID entry (http://lists.samba.org/archive/samba/2007-June/133330.html). >> >> So could it be a bug in samba? Currently we run 3.5.15. > > It could be a bug in whatever created a sambaNextRid value of< 1000.Yesterday I created a machine account by hand (with the command samba uses). After that in LDAP is no attribute sambaSID. Then I enabled level 10 debug log and joined this machine. In the log I saw, that samba looks in LDAP for an attribute sambaNextRid in sambaDomainName=MUC,dc=mr,dc=lfmg,dc=de. Then it takes this number as RID for the new machine and write the old RID value incremented back to the attribute. I don't know who or what filled this attribute initially with a value < 1000. But maybe it's a good idea if samba doesn't use values < 1000 if that makes problems in AD later. Regards, Marc
Am 09.05.2012 06:19, schrieb Andrew Bartlett:>> I also found old postings with the information, that samba creates the >> sambaSID entry (http://lists.samba.org/archive/samba/2007-June/133330.html). >> >> So could it be a bug in samba? Currently we run 3.5.15. > > It could be a bug in whatever created a sambaNextRid value of< 1000.Yesterday I created a machine account by hand (with the command samba uses). After that in LDAP is no attribute sambaSID. Then I enabled level 10 debug log and joined this machine. In the log I saw, that samba looks in LDAP for an attribute sambaNextRid in sambaDomainName=MUC,dc=mr,dc=lfmg,dc=de. Then it takes this number as RID for the new machine and write the old RID value incremented back to the attribute. I don't know who or what filled this attribute initially with a value < 1000. But maybe it's a good idea if samba doesn't use values < 1000 if that makes problems in AD later. Regards, Marc
Apparently Analagous Threads
- Failed search for base: sambaDomainName=MUC, sambaDomainName=MUC, dc=...
- machine account want use algorithm than sambanextrid
- Samba 3 PDC + OpenLDAP + Mandrake 10.0
- Segmentation Fault when trying to set root samba password, IPA as a backend
- Cannot make Windows join Samba domain