Am 05.08.19 um 10:41 schrieb Rowland penny via samba:> On 05/08/2019 09:33, Stefan G. Weichinger via samba wrote: >> The saga around the misnamed DC seems over, so let's open a new thread >> ;-) >> >> In the same AD I see this: >> >> in smbstatus I see a smbd-PID for a Username "root", Group "root" >> >> But the actual user logged in is another one. So I assume there has been >> some wrong mapping/naming in the past. > > Who is logged in ? and what are they trying to do ? > > Also, where are they logged in ?Just some plain Windows-10-user on a PC ... using file shares etc Or do I misunderstand the question?>> For sure I'd like to avoid deleting/recreating that user. > You shouldn't have to, though you may have to change something in the > users AD object. >> >> Any ideas how to approach this? >> >> > Yes, give us more info ;-)Happy to do so. Where to start?
On 05/08/2019 14:27, Stefan G. Weichinger via samba wrote:> Am 05.08.19 um 10:41 schrieb Rowland penny via samba: >> On 05/08/2019 09:33, Stefan G. Weichinger via samba wrote: >>> The saga around the misnamed DC seems over, so let's open a new thread >>> ;-) >>> >>> In the same AD I see this: >>> >>> in smbstatus I see a smbd-PID for a Username "root", Group "root" >>> >>> But the actual user logged in is another one. So I assume there has been >>> some wrong mapping/naming in the past. >> Who is logged in ? and what are they trying to do ? >> >> Also, where are they logged in ? > Just some plain Windows-10-user on a PC ... using file shares etc > > Or do I misunderstand the question? > >>> For sure I'd like to avoid deleting/recreating that user. >> You shouldn't have to, though you may have to change something in the >> users AD object. >>> Any ideas how to approach this? >>> >>> >> Yes, give us more info ;-) > Happy to do so. > > Where to start? > > > >Well, I cannot ask for the smb.conf from the client because there isn't one ;-) When you get the root 'PID', have you tried searching in the Samba logs for the 'PID' ? This may provide more info Rowland
Uhm, i suggest, first more info is needed. OS? AD-DC or member server. ( or both checked ? ) Samba version and smb.conf Example output where you see this. I guessing its : smbstatus -a All i can say for now, on Buster and Stretch with 4.10.6 this is ok. ( at my side ). And the "root/root" you see, isnt that the user Administrator. That for example in backgroup is installing things AND you have setup a roaming profile for Administrator. Then yes, its normal. ;-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: maandag 5 augustus 2019 15:38 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] more cleanup: mis-named AD user > > On 05/08/2019 14:27, Stefan G. Weichinger via samba wrote: > > Am 05.08.19 um 10:41 schrieb Rowland penny via samba: > >> On 05/08/2019 09:33, Stefan G. Weichinger via samba wrote: > >>> The saga around the misnamed DC seems over, so let's open > a new thread > >>> ;-) > >>> > >>> In the same AD I see this: > >>> > >>> in smbstatus I see a smbd-PID for a Username "root", Group "root" > >>> > >>> But the actual user logged in is another one. So I assume > there has been > >>> some wrong mapping/naming in the past. > >> Who is logged in ? and what are they trying to do ? > >> > >> Also, where are they logged in ? > > Just some plain Windows-10-user on a PC ... using file shares etc > > > > Or do I misunderstand the question? > > > >>> For sure I'd like to avoid deleting/recreating that user. > >> You shouldn't have to, though you may have to change > something in the > >> users AD object. > >>> Any ideas how to approach this? > >>> > >>> > >> Yes, give us more info ;-) > > Happy to do so. > > > > Where to start? > > > > > > > > > Well, I cannot ask for the smb.conf from the client because > there isn't > one ;-) > > When you get the root 'PID', have you tried searching in the > Samba logs > for the 'PID' ? > > This may provide more info > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Am 05.08.19 um 15:38 schrieb Rowland penny via samba:> On 05/08/2019 14:27, Stefan G. Weichinger via samba wrote: >> Am 05.08.19 um 10:41 schrieb Rowland penny via samba: >>> On 05/08/2019 09:33, Stefan G. Weichinger via samba wrote: >>>> The saga around the misnamed DC seems over, so let's open a new thread >>>> ;-) >>>> >>>> In the same AD I see this: >>>> >>>> in smbstatus I see a smbd-PID for a Username "root", Group "root" >>>> >>>> But the actual user logged in is another one. So I assume there has >>>> been >>>> some wrong mapping/naming in the past. >>> Who is logged in ? and what are they trying to do ? >>> >>> Also, where are they logged in ? >> Just some plain Windows-10-user on a PC ... using file shares etc >> >> Or do I misunderstand the question? >> >>>> For sure I'd like to avoid deleting/recreating that user. >>> You shouldn't have to, though you may have to change something in the >>> users AD object. >>>> Any ideas how to approach this? >>>> >>>> >>> Yes, give us more info ;-) >> Happy to do so. >> >> Where to start? >> >> >> >> > Well, I cannot ask for the smb.conf from the client because there isn't > one ;-) > > When you get the root 'PID', have you tried searching in the Samba logs > for the 'PID' ? > > This may provide more infowill do asap: yesterday was stressful (again), right now that user isn't logged in yet.
Am 05.08.19 um 16:00 schrieb L.P.H. van Belle via samba:> Uhm, i suggest, first more info is needed. > > OS? > AD-DC or member server. ( or both checked ? ) > Samba version and smb.confDM, Debian 9.9, Samba version 4.9.11-Debian root at pre01svdeb01:~# cat /etc/samba/smb.conf # This file is managed remotely, all changes will be lost [global] workgroup = BUERO realm = mydomain.AT netbios name = SERVER security = ADS map to guest = Bad User username map = /etc/samba/smbusers dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab winbind refresh tickets = yes #winbind enum users = Yes #winbind enum groups = Yes winbind use default domain = yes winbind offline logon = yes # Use settings from AD for login shell and home directory winbind nss info = template template shell = /bin/bash template homedir = /mnt/samba/Daten/%U # obsolete with 4.8.x #map untrusted to domain = Yes #winbind trusted domains only = no # Default idmap config used for BUILTIN and local accounts/groups idmap config *:backend = tdb idmap config *:range = 2000-9999 # idmap config for domain BUERO idmap config BUERO:backend = rid idmap config BUERO:range = 10000-99999 load printers = no printing = bsd printcap name = /dev/null # turn off roaming profiles logon path = "" logon home = "" hosts allow = localhost 192.168.16. 172.32.99. log level = 1 log file = /var/log/samba/%m.log max log size = 150000 # server min protocol = SMB2 # server max protocol = SMB2 #strict sync = yes # ACLs store dos attributes = Yes map acl inherit = Yes #vfs objects = acl_xattr full_audit vfs objects = acl_xattr .... [shares] below here OR via root at pre01svdeb01:~# samba-tool testparm Press enter to see a dump of your service definitions # Global parameters [global] dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab log file = /var/log/samba/%m.log log level = 1 logon home = "" logon path = "" map to guest = Bad User max log size = 150000 netbios name = SERVER printcap name = /dev/null realm = mydomain.AT security = ADS template homedir = /mnt/samba/Daten/%U template shell = /bin/bash username map = /etc/samba/smbusers winbind nss info = template winbind offline logon = Yes winbind refresh tickets = Yes winbind use default domain = Yes workgroup = BUERO idmap config buero:range = 10000-99999 idmap config buero:backend = rid idmap config *:range = 2000-9999 idmap config *:backend = tdb hosts allow = localhost 192.168.16. 172.32.99. map acl inherit = Yes store dos attributes = Yes vfs objects = acl_xattr> Example output where you see this. > I guessing its : smbstatus -asmbstatus -b As mentioned before, the guy isn't at work right now. Will provide more info later.> And the "root/root" you see, isnt that the user Administrator. > That for example in backgroup is installing things AND you have setup a roaming profile for Administrator. > Then yes, its normal. ;-)no, I don't think that this is the case here.
Hai,> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Stefan G. Weichinger via samba > Verzonden: dinsdag 6 augustus 2019 11:37 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] more cleanup: mis-named AD user >.... Just checking the configs ;-).. These look ok.> > > > > Example output where you see this. > > I guessing its : smbstatus -a > > > smbstatus -bOk. I've checked this also on my Jessie/Stretch and Buster member servers The only place i see root:root is on the pc's where im logged in as Administrator. I did the same check on a Jessie with 4.8.12 and stretch with 4.9.11 and buster with 4.10.6 All Same result, no root:root only there where and Administrator is logged in.> > As mentioned before, the guy isn't at work right now.I suggest, reset is password. Login as this users and manualy disconnect all network shares. Logout and login again and check again. If its still there, turn of that pc. Repeat above on an other pc. If its still there, then its something in the user profile is my first guess. Else its in the pc itself.> > Will provide more info later. > > > > And the "root/root" you see, isnt that the user Administrator. > > That for example in backgroup is installing things AND you > have setup a roaming profile for Administrator. > > Then yes, its normal. ;-) > > no, I don't think that this is the case here.Im not convinced.. (yet). But as far i can see now, its not samba. Greetz, Louis