L.P.H. van Belle
2019-Apr-10 14:13 UTC
[Samba] chown: changing ownership of 'test': Invalid argument
Gid 4294967295 = Nobody (32-bit) Thats your problem. A problem in the nss mappings. https://lists.samba.org/archive/samba/2017-January/205672.html Is the a simular thread to your problem, ready it. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Ian > Coetzee via samba > Verzonden: woensdag 10 april 2019 15:37 > Aan: Rowland Penny > CC: samba at lists.samba.org > Onderwerp: Re: [Samba] chown: changing ownership of 'test': > Invalid argument > > On Wed, 10 Apr 2019 at 13:11, Rowland Penny <rpenny at samba.org> wrote: > > > On Wed, 10 Apr 2019 12:13:07 +0200 > > Ian Coetzee <samba at iancoetzee.za.net> wrote: > > > > > > > [2019/04/10 10:09:48.043212, 1, pid=15234, effective(0, > 0), real(0, > > > 0), class=rpc_parse] > ../librpc/ndr/ndr.c:471(ndr_print_function_debug) > > > wbint_GetNssInfo: struct wbint_GetNssInfo > > > out: struct wbint_GetNssInfo > > > info : * > > > info: struct wbint_userinfo > > > domain_name : * > > > domain_name : 'JEOFFICE' > > > acct_name : * > > > acct_name : 'ianc' > > > full_name : NULL > > > homedir : * > > > homedir : '/home/%D/%U' > > > shell : * > > > shell : '/bin/bash' > > > uid : > 0x000000000030d97f > > > (3201407) > > > primary_gid : > 0x00000000ffffffff > > > (4294967295) > > > primary_group_name : NULL > > > user_sid : <RED>-1407 > > > group_sid : <RED>-513 > > > result : > > > NT_STATUS_REQUEST_NOT_ACCEPTED > > > > > > Is this last "NT_STATUS_REQUEST_NOT_ACCEPTED" maybe the problem? > > > > I would say it is the problem, but not the reason > > > > The users SID is found '<RED>-1407' and the group SID is '<RED>-513' > > The users uid is '3201407' but the primary_gid is > '4294967295' and the > > 'primary_group_name' is null. > > I would have expected '3200513' and 'Domain Users' for the last two. > > > > Is it possible you can share the AD objects for 'ianc' & > 'Domain Users' > > with me, offlist if necessary. > > > > Rowland > > > > > > > > > Hi Rowland, > > I have sent you an email with an ldif export, as made by ldapsearch, > attached. Hope it helps :) > > Kind regards > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Ian Coetzee
2019-Apr-11 05:59 UTC
[Samba] chown: changing ownership of 'test': Invalid argument
Hi Louis, Thank you for the thread. Reading through it now. I also, this morning, realised that I forgot to include a very critical piece of information. I initially installed samba 4.5 from the debian repos, then got hit by this issue. I then purged samba and winbind, and did a apt autoremove --purge. Loaded your repo and reinstalled the needed packages. Don't know if this complicated things. I will do some additional tests this end in light of the above thread and revert to the list. Kind regards. On Wed, 10 Apr 2019 at 16:13, L.P.H. van Belle via samba < samba at lists.samba.org> wrote:> Gid 4294967295 = Nobody (32-bit) > > Thats your problem. A problem in the nss mappings. > https://lists.samba.org/archive/samba/2017-January/205672.html > Is the a simular thread to your problem, ready it. > > > Greetz, > > Louis > > > > -----Oorspronkelijk bericht----- > > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Ian > > Coetzee via samba > > Verzonden: woensdag 10 april 2019 15:37 > > Aan: Rowland Penny > > CC: samba at lists.samba.org > > Onderwerp: Re: [Samba] chown: changing ownership of 'test': > > Invalid argument > > > > On Wed, 10 Apr 2019 at 13:11, Rowland Penny <rpenny at samba.org> wrote: > > > > > On Wed, 10 Apr 2019 12:13:07 +0200 > > > Ian Coetzee <samba at iancoetzee.za.net> wrote: > > > > > > > > > > [2019/04/10 10:09:48.043212, 1, pid=15234, effective(0, > > 0), real(0, > > > > 0), class=rpc_parse] > > ../librpc/ndr/ndr.c:471(ndr_print_function_debug) > > > > wbint_GetNssInfo: struct wbint_GetNssInfo > > > > out: struct wbint_GetNssInfo > > > > info : * > > > > info: struct wbint_userinfo > > > > domain_name : * > > > > domain_name : 'JEOFFICE' > > > > acct_name : * > > > > acct_name : 'ianc' > > > > full_name : NULL > > > > homedir : * > > > > homedir : '/home/%D/%U' > > > > shell : * > > > > shell : '/bin/bash' > > > > uid : > > 0x000000000030d97f > > > > (3201407) > > > > primary_gid : > > 0x00000000ffffffff > > > > (4294967295) > > > > primary_group_name : NULL > > > > user_sid : <RED>-1407 > > > > group_sid : <RED>-513 > > > > result : > > > > NT_STATUS_REQUEST_NOT_ACCEPTED > > > > > > > > Is this last "NT_STATUS_REQUEST_NOT_ACCEPTED" maybe the problem? > > > > > > I would say it is the problem, but not the reason > > > > > > The users SID is found '<RED>-1407' and the group SID is '<RED>-513' > > > The users uid is '3201407' but the primary_gid is > > '4294967295' and the > > > 'primary_group_name' is null. > > > I would have expected '3200513' and 'Domain Users' for the last two. > > > > > > Is it possible you can share the AD objects for 'ianc' & > > 'Domain Users' > > > with me, offlist if necessary. > > > > > > Rowland > > > > > > > > > > > > > > Hi Rowland, > > > > I have sent you an email with an ldif export, as made by ldapsearch, > > attached. Hope it helps :) > > > > Kind regards > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Ian Coetzee
2019-Apr-11 07:02 UTC
[Samba] chown: changing ownership of 'test': Invalid argument
Hi all,
I have been doing some additional tests. I am running the same command on
two different servers, both joined to the domain. Then checking the logs on
loglevel 20
Server 1 - Barebones machine, Debian 9, Samba 4.5 (Debian Repo)
$ getent passwd ianc
[2019/04/11 08:51:50.574086, 1, pid=3265271, effective(0, 0), real(0, 0)]
../librpc/ndr/ndr.c:468(ndr_print_function_debug)
wbint_QueryUser: struct wbint_QueryUser
out: struct wbint_QueryUser
info : *
info: struct wbint_userinfo
acct_name : *
acct_name : 'ianc'
full_name : *
full_name : 'Ian Coetzee'
homedir : *
homedir : '/home/%D/%U'
shell : *
shell : '/bin/bash'
primary_gid : 0x00000000ffffffff
(4294967295)
user_sid :
S-1-5-21-2093009959-3443338361-3281248646-1407
group_sid :
S-1-5-21-2093009959-3443338361-3281248646-513
result : NT_STATUS_OK
Server 2 - LXC Container, Debian 9, Samba 4.9 (Louis' Repo)
$ getent passwd ianc
[2019/04/11 06:55:26.719755, 1, pid=16957, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
wbint_GetNssInfo: struct wbint_GetNssInfo
in: struct wbint_GetNssInfo
info : *
info: struct wbint_userinfo
domain_name : *
domain_name : 'JEOFFICE'
acct_name : *
acct_name : 'ianc'
full_name : NULL
homedir : *
homedir : '/home/%D/%U'
shell : *
shell : '/bin/bash'
uid : 0x000000000030d97f
(3201407)
primary_gid : 0x00000000ffffffff
(4294967295)
primary_group_name : NULL
user_sid :
S-1-5-21-2093009959-3443338361-3281248646-1407
group_sid :
S-1-5-21-2093009959-3443338361-3281248646-513
[2019/04/11 06:55:26.720941, 1, pid=16957, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
wbint_GetNssInfo: struct wbint_GetNssInfo
out: struct wbint_GetNssInfo
info : *
info: struct wbint_userinfo
domain_name : *
domain_name : 'JEOFFICE'
acct_name : *
acct_name : 'ianc'
full_name : NULL
homedir : *
homedir : '/home/%D/%U'
shell : *
shell : '/bin/bash'
uid : 0x000000000030d97f
(3201407)
primary_gid : 0x00000000ffffffff
(4294967295)
primary_group_name : NULL
user_sid :
S-1-5-21-2093009959-3443338361-3281248646-1407
group_sid :
S-1-5-21-2093009959-3443338361-3281248646-513
result : NT_STATUS_REQUEST_NOT_ACCEPTED
On Server 1 I can log in using domain credentials and chown|chgrp files and
folders to domain users and groups. Server 2 is the server in this thread.
A few things that I notice, is that the primary_gid is always 4294967295
(weird, but ok, it works on Server 1)
On Server 2 the full_name is returned as NULL, but not on Server 1
(Possibly the issue?)
My next step is to actually migrate this LXC container to a proper QEMU vm
and test again, I can't help but shake the feeling that the apparmor on the
Hypervisor is causing this issue. Although Server 1 is the hypervisor
Server 2 is running on...
I will revert my findings.
Thank you for the advise so far.
Kind regards
L.P.H. van Belle
2019-Apr-11 07:22 UTC
[Samba] chown: changing ownership of 'test': Invalid argument
Hai Ian, Can you run this one again on both servers and pm me both outputs. I'll have a good look. https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh I've updated the file, so do use the new one. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Ian > Coetzee via samba > Verzonden: donderdag 11 april 2019 9:03 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] chown: changing ownership of 'test': > Invalid argument > > Hi all, > > I have been doing some additional tests. I am running the > same command on > two different servers, both joined to the domain. Then > checking the logs on > loglevel 20 > > Server 1 - Barebones machine, Debian 9, Samba 4.5 (Debian Repo) > $ getent passwd ianc > > [2019/04/11 08:51:50.574086, 1, pid=3265271, effective(0, > 0), real(0, 0)] > ../librpc/ndr/ndr.c:468(ndr_print_function_debug) > wbint_QueryUser: struct wbint_QueryUser > out: struct wbint_QueryUser > info : * > info: struct wbint_userinfo > acct_name : * > acct_name : 'ianc' > full_name : * > full_name : 'Ian Coetzee' > homedir : * > homedir : '/home/%D/%U' > shell : * > shell : '/bin/bash' > primary_gid : 0x00000000ffffffff > (4294967295) > user_sid : > S-1-5-21-2093009959-3443338361-3281248646-1407 > group_sid : > S-1-5-21-2093009959-3443338361-3281248646-513 > result : NT_STATUS_OK > > Server 2 - LXC Container, Debian 9, Samba 4.9 (Louis' Repo) > $ getent passwd ianc > > [2019/04/11 06:55:26.719755, 1, pid=16957, effective(0, 0), > real(0, 0), > class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug) > wbint_GetNssInfo: struct wbint_GetNssInfo > in: struct wbint_GetNssInfo > info : * > info: struct wbint_userinfo > domain_name : * > domain_name : 'JEOFFICE' > acct_name : * > acct_name : 'ianc' > full_name : NULL > homedir : * > homedir : '/home/%D/%U' > shell : * > shell : '/bin/bash' > uid : 0x000000000030d97f > (3201407) > primary_gid : 0x00000000ffffffff > (4294967295) > primary_group_name : NULL > user_sid : > S-1-5-21-2093009959-3443338361-3281248646-1407 > group_sid : > S-1-5-21-2093009959-3443338361-3281248646-513 > [2019/04/11 06:55:26.720941, 1, pid=16957, effective(0, 0), > real(0, 0), > class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug) > wbint_GetNssInfo: struct wbint_GetNssInfo > out: struct wbint_GetNssInfo > info : * > info: struct wbint_userinfo > domain_name : * > domain_name : 'JEOFFICE' > acct_name : * > acct_name : 'ianc' > full_name : NULL > homedir : * > homedir : '/home/%D/%U' > shell : * > shell : '/bin/bash' > uid : 0x000000000030d97f > (3201407) > primary_gid : 0x00000000ffffffff > (4294967295) > primary_group_name : NULL > user_sid : > S-1-5-21-2093009959-3443338361-3281248646-1407 > group_sid : > S-1-5-21-2093009959-3443338361-3281248646-513 > result : > NT_STATUS_REQUEST_NOT_ACCEPTED > > On Server 1 I can log in using domain credentials and > chown|chgrp files and > folders to domain users and groups. Server 2 is the server in > this thread. > > A few things that I notice, is that the primary_gid is always > 4294967295 > (weird, but ok, it works on Server 1) > > On Server 2 the full_name is returned as NULL, but not on Server 1 > (Possibly the issue?) > > My next step is to actually migrate this LXC container to a > proper QEMU vm > and test again, I can't help but shake the feeling that the > apparmor on the > Hypervisor is causing this issue. Although Server 1 is the hypervisor > Server 2 is running on... > > I will revert my findings. > > Thank you for the advise so far. > > Kind regards > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >