On Thu, 3 May 2018 19:18:45 +0100 Rowland Penny via samba <samba at lists.samba.org> wrote:> On Thu, 3 May 2018 14:59:18 -0300 > "Ethy H. Brito via samba" <samba at lists.samba.org> wrote: > > > I run the pdbedit command. > > I got a lage amount of users (and groups). > > The admin of the S3 server deleted (userdel) 75 users and these are > > still listed by pdbedit. How do I get rid os them?? > > > > I think you may be mistaken (or I did not fully understood your > > affirmation). These "no such user" users were deleted from Linux with > > "userdel -r" and are ghosts in Samba. > > I just tried to remove them (smbpasswd -x) them but got "Failed to > > delete entry for user XXXX" > > How do I get rid of these ghosts? > > The OS stores users in /etc/passwd and userdel removes these, but there > are also Samba users and you need to run 'smbpasswd -x username' to > remove these.You may missed my comment above. I did try 'smbpasswd -x <USERNAME>'. I get "Failed to delete entry for user <USERNAME>".> > > > what is your rsync command ? > > > > for i in D1 D2 D3 D4 ; do > > echo > > echo "SYNC'ing $i"; > > echo > > /usr/bin/rsync -av S3:/var/samba/$i /home; > > done > > > > > > > I ask this because if I rsync a file from my pc (rowland, 10000, ad > > > backend) to a another pc (rowland, 11107, rid backend), ls -la shows > > > the owner as 'rowland' > > > > Maybe you mounted the remote server locally. Didn't you? > > My rsync command was much the same as yours (just added 'z') and I > didn't mount anything, which leads to the next question, are you > mounting anything ?Not at all. But I have to apologize thousand times to you. I did not check the files rsync copied *after* the modifications you said. While we where talking, rsync copied the files at least twice and corrected the whole thing. The files and directories permissions and ownership are ok. I can now list them with correct names. Sorry for the noise. So! What is not working? jgarcia user is a member of UNIX group G1 at S3. S3# grep "G1.*jgarcia" /etc/group G1:x:1119:jgarcia I have this share at S4: [snapshots] comment = snapshots path = /var/snapshots browseable = no read only = yes valid users = @G1 jgarcia is given NT_STATUS_ACCESS_DENIED. If I change "valid users" to "@G1 jgarcia" *or* create a (local to S4) G1 group the logs in. How to debug this error? Ethy
On Thu, 3 May 2018 15:55:47 -0300 "Ethy H. Brito" <ethy.brito at inexo.com.br> wrote:> On Thu, 3 May 2018 19:18:45 +0100 > Rowland Penny via samba <samba at lists.samba.org> wrote: > > > On Thu, 3 May 2018 14:59:18 -0300 > > "Ethy H. Brito via samba" <samba at lists.samba.org> wrote: > > > > > I run the pdbedit command. > > > I got a lage amount of users (and groups). > > > The admin of the S3 server deleted (userdel) 75 users and these > > > are still listed by pdbedit. How do I get rid os them?? > > > > > > I think you may be mistaken (or I did not fully understood your > > > affirmation). These "no such user" users were deleted from Linux > > > with "userdel -r" and are ghosts in Samba. > > > I just tried to remove them (smbpasswd -x) them but got "Failed to > > > delete entry for user XXXX" > > > How do I get rid of these ghosts? > > > > The OS stores users in /etc/passwd and userdel removes these, but > > there are also Samba users and you need to run 'smbpasswd -x > > username' to remove these. > > You may missed my comment above. I did try 'smbpasswd -x <USERNAME>'. > I get "Failed to delete entry for user <USERNAME>". > > > > > > > what is your rsync command ? > > > > > > for i in D1 D2 D3 D4 ; do > > > echo > > > echo "SYNC'ing $i"; > > > echo > > > /usr/bin/rsync -av S3:/var/samba/$i /home; > > > done > > > > > > > > > > I ask this because if I rsync a file from my pc (rowland, > > > > 10000, ad backend) to a another pc (rowland, 11107, rid > > > > backend), ls -la shows the owner as 'rowland' > > > > > > Maybe you mounted the remote server locally. Didn't you? > > > > My rsync command was much the same as yours (just added 'z') and I > > didn't mount anything, which leads to the next question, are you > > mounting anything ? > > Not at all. > > But I have to apologize thousand times to you. > I did not check the files rsync copied *after* the modifications you > said. > > While we where talking, rsync copied the files at least twice and > corrected the whole thing. The files and directories permissions and > ownership are ok. I can now list them with correct names. > > Sorry for the noise. > > So! What is not working? > > jgarcia user is a member of UNIX group G1 at S3. > > S3# grep "G1.*jgarcia" /etc/group > G1:x:1119:jgarcia > > I have this share at S4: > > [snapshots] > comment = snapshots > path = /var/snapshots > browseable = no > read only = yes > valid users = @G1 > > jgarcia is given NT_STATUS_ACCESS_DENIED. > If I change "valid users" to "@G1 jgarcia" *or* create a (local to > S4) G1 group the logs in. > > How to debug this error? >It isn't actually an error, the group 'G1' is a local group and as such is unknown to S4. You will need to create a group in samba on S3, map this to 'G1'. The mapped group should then become usable on S4. Rowland
Ethy H. Brito
2018-May-04 20:53 UTC
[Samba] [SOLVED] samba 4 joining samba 3 pdc - group mismatch
On Thu, 3 May 2018 20:04:59 +0100 Rowland Penny via samba <samba at lists.samba.org> wrote:> On Thu, 3 May 2018 15:55:47 -0300 > "Ethy H. Brito" <ethy.brito at inexo.com.br> wrote: > > > On Thu, 3 May 2018 19:18:45 +0100 > > Rowland Penny via samba <samba at lists.samba.org> wrote: > > > > > On Thu, 3 May 2018 14:59:18 -0300 > > > "Ethy H. Brito via samba" <samba at lists.samba.org> wrote: > > > > > > > I run the pdbedit command. > > > > I got a lage amount of users (and groups). > > > > The admin of the S3 server deleted (userdel) 75 users and these > > > > are still listed by pdbedit. How do I get rid os them?? > > > > > > > > I think you may be mistaken (or I did not fully understood your > > > > affirmation). These "no such user" users were deleted from Linux > > > > with "userdel -r" and are ghosts in Samba. > > > > I just tried to remove them (smbpasswd -x) them but got "Failed to > > > > delete entry for user XXXX" > > > > How do I get rid of these ghosts? > > > > > > The OS stores users in /etc/passwd and userdel removes these, but > > > there are also Samba users and you need to run 'smbpasswd -x > > > username' to remove these. > > > > You may missed my comment above. I did try 'smbpasswd -x <USERNAME>'. > > I get "Failed to delete entry for user <USERNAME>".I managed to delete all ghosts with "pdbedit -x -u USERNAME"> > > > > > > > > > what is your rsync command ? > > > > > > > > for i in D1 D2 D3 D4 ; do > > > > echo > > > > echo "SYNC'ing $i"; > > > > echo > > > > /usr/bin/rsync -av S3:/var/samba/$i /home; > > > > done > > > > > > > > > > > > > I ask this because if I rsync a file from my pc (rowland, > > > > > 10000, ad backend) to a another pc (rowland, 11107, rid > > > > > backend), ls -la shows the owner as 'rowland'About that, what I said earlier is wrong. Correcting myself: when using -g option (forced when -a is given) rsync reads the ownerships *by names* and preserve those names at the destination machine but, as said at the manpage, it "may fall back to using the ID number in some circumstances". So, yes. If correctly issued the "net groupmap" command will give all tools rsync needs to make its job correctly. Now I have all files and directories with same permissions and ownership as the source.> > > > jgarcia is given NT_STATUS_ACCESS_DENIED. > > If I change "valid users" to "@G1 jgarcia" *or* create a (local to > > S4) G1 group the logs in. > > > > How to debug this error? > > > It isn't actually an error, the group 'G1' is a local group and as such > is unknown to S4. You will need to create a group in samba on S3, map > this to 'G1'. The mapped group should then become usable on S4. >As I said above "net groupmap" did the trick. Thanks to you Mr. Rowland! Issue seems solved. Ethy