joseph-andre Guaragna
2015-Jun-11 07:09 UTC
[Samba] user profil wipe in a samba 4 AD domain
Hi, We have set up an Active Directory using samba4 (Zentyal), everything seems to be all right tilll the point were user profile are wiped out. We noticed when one of our linux uer tryed to connect to a windows workstation. It was allow so it juste created the user on the windows workstation. Few minutes later we realize that every domain account on the windows box were wiped, and the linux account also wiped. We could not find any reason for that, nor explanation in the log, I may be missing something as I could not understand all the mechanisms involved. we use samba 4.0. and pbis 8.2 client on the linux boxes. Thanks for your help Joseph GUARAGNA
On 11/06/15 08:09, joseph-andre Guaragna wrote:> Hi, > > We have set up an Active Directory using samba4 (Zentyal), everything > seems to be all right tilll the point were user profile are wiped out.What do you mean by 'user profile are wiped out' ? Do you mean just one user is removed ? Or something else ? How is the 'wiping' being done ?> > We noticed when one of our linux uer tryed to connect to a windows > workstation. It was allow so it juste created the user on the windows > workstation. Few minutes later we realize that every domain account on > the windows box were wiped, and the linux account also wiped.So the user can login but all other domain accounts on the PC have gone, Do the domain Accounts still exist on the AD DC ?> > We could not find any reason for that, nor explanation in the log, I > may be missing something as I could not understand all the mechanisms > involved. > > > we use samba 4.0. and pbis 8.2 client on the linux boxes. >Rowland> Thanks for your help > > > Joseph GUARAGNA
On 11/06/15 10:13, joseph-andre Guaragna wrote:> 2015-06-11 11:03 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>: >> On 11/06/15 08:09, joseph-andre Guaragna wrote: >>> Hi, >>> >>> We have set up an Active Directory using samba4 (Zentyal), everything >>> seems to be all right tilll the point were user profile are wiped out. >> >> What do you mean by 'user profile are wiped out' ? > I mean all user data wiped >> Do you mean just one user is removed ? > all user from the workstation >> Or something else ? >> >> How is the 'wiping' being done ? > the user's folder still exist but there is no data, it is like is > recreated the whole profile >>> We noticed when one of our linux uer tryed to connect to a windows >>> workstation. It was allow so it juste created the user on the windows >>> workstation. Few minutes later we realize that every domain account on >>> the windows box were wiped, and the linux account also wiped. >> >> So the user can login but all other domain accounts on the PC have gone, Do >> the domain Accounts still exist on the AD DC ? > Yes the users still exists on the domain, and can still connect on any > workstation they are supposed to. >> >>> We could not find any reason for that, nor explanation in the log, I >>> may be missing something as I could not understand all the mechanisms >>> involved. >>> >>> >>> we use samba 4.0. and pbis 8.2 client on the linux boxes. >>> >> Rowland >> >>> Thanks for your help >>> >>> > Joseph GUARAGNATaking this back on list where it belongs. I think I understand your problem now, but just a few questions to confirm what I am thinking. Were your windows machines part of a domain before ? If so, what type of domain ? If there was a domain, what was the server ? Rowland
On 11/06/15 11:28, joseph-andre Guaragna wrote:> No they used to be in WORKGROUP. > > As we have an heterogeneous fleet 25 Linux and 7 windows 7. We decide > to move a more centralised way of identifying our users. > > At first everything work then, we ran in the situation described below. > > > > > Meilleures salutations / Best regards, > > Joseph-Andr? GUARAGNA > ing?nieur Syst?me et R?seau / Network and System engineer > > > > RD MACHINES-OUTILS > > 77, all?e de l'Industrie F-74130 CONTAMINE SUR ARVE > Tel : +33 (0) 4 50 03 90 77 - Fax :+33 (0) 4 50 03 66 79 > www.rdmo.com / www.rdmo-spare-parts.com > > > 2015-06-11 11:59 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>: >> On 11/06/15 10:13, joseph-andre Guaragna wrote: >>> 2015-06-11 11:03 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>: >>>> On 11/06/15 08:09, joseph-andre Guaragna wrote: >>>>> Hi, >>>>> >>>>> We have set up an Active Directory using samba4 (Zentyal), everything >>>>> seems to be all right tilll the point were user profile are wiped out. >>>> >>>> What do you mean by 'user profile are wiped out' ? >>> I mean all user data wiped >>>> Do you mean just one user is removed ? >>> all user from the workstation >>>> Or something else ? >>>> >>>> How is the 'wiping' being done ? >>> the user's folder still exist but there is no data, it is like is >>> recreated the whole profile >>>>> We noticed when one of our linux uer tryed to connect to a windows >>>>> workstation. It was allow so it juste created the user on the windows >>>>> workstation. Few minutes later we realize that every domain account on >>>>> the windows box were wiped, and the linux account also wiped. >>>> >>>> So the user can login but all other domain accounts on the PC have gone, >>>> Do >>>> the domain Accounts still exist on the AD DC ? >>> Yes the users still exists on the domain, and can still connect on any >>> workstation they are supposed to. >>>> >>>>> We could not find any reason for that, nor explanation in the log, I >>>>> may be missing something as I could not understand all the mechanisms >>>>> involved. >>>>> >>>>> >>>>> we use samba 4.0. and pbis 8.2 client on the linux boxes. >>>>> >>>> Rowland >>>> >>>>> Thanks for your help >>>>> >>>>> >>> Joseph GUARAGNA >> >> Taking this back on list where it belongs. >> >> I think I understand your problem now, but just a few questions to confirm >> what I am thinking. >> Were your windows machines part of a domain before ? >> If so, what type of domain ? >> If there was a domain, what was the server ? >> >> Rowland >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/sambaWill you please not send posts directly to me, please reply to the list. OK, your answer confirms what I thought, your original profiles haven't gone away, they will still be there, but you cannot see them because they are 'local' profiles and you are now using 'domain' profiles. i.e. local user joe is NOT the same user as DOMAIN\joe Rowland
joseph-andre Guaragna
2015-Jun-11 11:56 UTC
[Samba] user profil wipe in a samba 4 AD domain
OK for the local profiles. I got both of them one call joe and the other domain.joe. Saw it, no problem about that. I copied the data from local to domain one. The thing is that after few days the domain.joe was emptied. The joe did stay the same. And I do not get why the domain.joe got blanked (all data gone) Cheers for the help Meilleures salutations / Best regards, Joseph-Andr? GUARAGNA ing?nieur Syst?me et R?seau / Network and System engineer RD MACHINES-OUTILS 77, all?e de l'Industrie F-74130 CONTAMINE SUR ARVE Tel : +33 (0) 4 50 03 90 77 - Fax :+33 (0) 4 50 03 66 79 www.rdmo.com / www.rdmo-spare-parts.com 2015-06-11 13:04 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>:> On 11/06/15 11:28, joseph-andre Guaragna wrote: >> >> No they used to be in WORKGROUP. >> >> As we have an heterogeneous fleet 25 Linux and 7 windows 7. We decide >> to move a more centralised way of identifying our users. >> >> At first everything work then, we ran in the situation described below. >> >> >> >> >> Meilleures salutations / Best regards, >> >> Joseph-Andr? GUARAGNA >> ing?nieur Syst?me et R?seau / Network and System engineer >> >> >> >> RD MACHINES-OUTILS >> >> 77, all?e de l'Industrie F-74130 CONTAMINE SUR ARVE >> Tel : +33 (0) 4 50 03 90 77 - Fax :+33 (0) 4 50 03 66 79 >> www.rdmo.com / www.rdmo-spare-parts.com >> >> >> 2015-06-11 11:59 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>: >>> >>> On 11/06/15 10:13, joseph-andre Guaragna wrote: >>>> >>>> 2015-06-11 11:03 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>: >>>>> >>>>> On 11/06/15 08:09, joseph-andre Guaragna wrote: >>>>>> >>>>>> Hi, >>>>>> >>>>>> We have set up an Active Directory using samba4 (Zentyal), everything >>>>>> seems to be all right tilll the point were user profile are wiped out. >>>>> >>>>> >>>>> What do you mean by 'user profile are wiped out' ? >>>> >>>> I mean all user data wiped >>>>> >>>>> Do you mean just one user is removed ? >>>> >>>> all user from the workstation >>>>> >>>>> Or something else ? >>>>> >>>>> How is the 'wiping' being done ? >>>> >>>> the user's folder still exist but there is no data, it is like is >>>> recreated the whole profile >>>>>> >>>>>> We noticed when one of our linux uer tryed to connect to a windows >>>>>> workstation. It was allow so it juste created the user on the windows >>>>>> workstation. Few minutes later we realize that every domain account on >>>>>> the windows box were wiped, and the linux account also wiped. >>>>> >>>>> >>>>> So the user can login but all other domain accounts on the PC have >>>>> gone, >>>>> Do >>>>> the domain Accounts still exist on the AD DC ? >>>> >>>> Yes the users still exists on the domain, and can still connect on any >>>> workstation they are supposed to. >>>>> >>>>> >>>>>> We could not find any reason for that, nor explanation in the log, I >>>>>> may be missing something as I could not understand all the mechanisms >>>>>> involved. >>>>>> >>>>>> >>>>>> we use samba 4.0. and pbis 8.2 client on the linux boxes. >>>>>> >>>>> Rowland >>>>> >>>>>> Thanks for your help >>>>>> >>>>>> >>>> Joseph GUARAGNA >>> >>> >>> Taking this back on list where it belongs. >>> >>> I think I understand your problem now, but just a few questions to >>> confirm >>> what I am thinking. >>> Were your windows machines part of a domain before ? >>> If so, what type of domain ? >>> If there was a domain, what was the server ? >>> >>> Rowland >>> >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba > > > Will you please not send posts directly to me, please reply to the list. > > OK, your answer confirms what I thought, your original profiles haven't gone > away, they will still be there, but you cannot see them because they are > 'local' profiles and you are now using 'domain' profiles. > > i.e. local user joe is NOT the same user as DOMAIN\joe > > > Rowland > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba