What does the Uid under the Locked files: section output of smbstatus signify?
Reason I ask is that some of our CentOS 6 servers running samba-3.6.23-53 are
creating files with this UID instead of user specified in the config file:
force user = someuser
Yes, we are doing our best to upgrade to CentOS 7 and a supported samba version.
But until we do....
My smb.conf -
[global]
security = ADS
workgroup = MYGROUP
realm = MYGROUP.COM
encrypt passwords = yes
client use spnego = yes
client signing = yes
kerberos method = secrets and keytab
server schannel = yes
log level = 3
max log size = 500
log file = /var/log/samba/log.%h.%m
idmap config MYGROUP : backend = rid
idmap config MYGROUP : range = 1000-2999999
idmap config * : backend = tdb
idmap config * : range = 3000000-39999999
winbind cache time = 300
winbind nss info = sfu
winbind use default domain = yes
winbind refresh tickets = yes
map to guest = Bad User
wide links = No
unix extensions = No
load printers = No
printcap name = /dev/null
max protocol = SMB2
include = /usr/local/custom.conf
-------------------------------------------------->From nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
Thanks,
Jim
This email and any attachments may contain information that is confidential
and/or privileged for the sole use of the intended recipient. Any use, review,
disclosure, copying, distribution or reliance by others, and any forwarding of
this email or its contents, without the express permission of the sender is
strictly prohibited by law. If you are not the intended recipient, please
contact the sender immediately, delete the e-mail and destroy all copies.
On Tue, 2022-05-10 at 18:42 +0000, Jim Brand via samba wrote:> What does the Uid under the Locked files: section output of smbstatus > signify?It signifies the username, unless it cannot be resolved to a name, when the ID number will be used.> Reason I ask is that some of our CentOS 6 servers running samba- > 3.6.23-53 are creating files with this UID instead of user specified > in the config file: > > force user = someuser > > Yes, we are doing our best to upgrade to CentOS 7 and a supported > samba version. But until we do.... > > My smb.conf - > > [global] > security = ADS > workgroup = MYGROUP > realm = MYGROUP.COM > encrypt passwords = yes > client use spnego = yes > client signing = yes > kerberos method = secrets and keytab > server schannel = yes > log level = 3 > max log size = 500 > log file = /var/log/samba/log.%h.%m > idmap config MYGROUP : backend = rid > idmap config MYGROUP : range = 1000-2999999 > idmap config * : backend = tdb > idmap config * : range = 3000000-39999999 > winbind cache time = 300 > winbind nss info = sfu > winbind use default domain = yes > winbind refresh tickets = yes > map to guest = Bad User > wide links = No > unix extensions = No > load printers = No > printcap name = /dev/null > max protocol = SMB2 > include = /usr/local/custom.conf > -------------------------------------------------- > From nsswitch.conf > > passwd: files winbind > shadow: files winbind > group: files winbindYou should remove 'winbind' from the shadow line, it isn't required and can do strange things. You are using the 'rid' idmap backend and this calculates the Unix ID from the RID along with the low range set in smb.conf (in your case '1000'), but any that end up higher than the high range (in your case '2999999') will be ignored, could this be your problem ? Rowland