>> after a few seconds, the ID is "restored" to the wrong one:
>> # getent group "domain users"
>> domain users:x:700009:
>
> That shouldn't happen, can you post the contents of /etc/nsswitch.conf
?
>
> Try stopping Samba, run 'net cache flush' and then restart Samba
again.
>
> Is anything else running ? sssd, nlscd or similar ?
>
> The only other thing that I can think of is, is your AD domains NETBIOS
> domain name something other than 'LIGHT' ?
I restore this old thread because those "tdb" ids popped up again.
To recap, in order to get rid of the wrong tdb ids I:
* changed all files on disk with find -gid TDB_UID chown RID_UID {} \;
* net cache flush
* rebooted
Everything was fine, but eventually it wasn't totally correct.
I found a similar problem on SO [1], and they suggest to:
service winbind stop
service smb stop
net cache flush
rm -f /var/lib/samba/*.tdb
rm -f /var/lib/samba/group_mapping.ldb
service smb start
service winbind start
Some further comments report a new "join" is required before
restarting services.
Can this be a correct approach?
Thanks
[1]?https://serverfault.com/a/505700/102716
--
Lorenzo Milesi - lorenzo.milesi at yetopen.com
CTO @ YetOpen Srl
Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood
Avenue - Suite 200 - Raleigh, NC 27612 - USA -
Tel +39 0341 220 205 - info.it at yetopen.com | Phone +1 919-817-8106 - info.us
at yetopen.com
Think green - Non stampare questa e-mail se non necessario / Don't print
this email unless necessary
-------- D.Lgs. 196/2003 e GDPR 679/2016 --------
Tutte le informazioni contenute in questo messaggio sono riservate ed a uso
esclusivo del destinatario.
Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da
ritenere confidenziali e riservate secondo i termini
del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo
679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non
autorizzata.
Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad
eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci
non appena possibile.
Grazie.
Confidentiality notice: this email message including any attachment is for the
sole use of the intended recipient and may contain confidential and privileged
information;
pursuant to Legislative Decree 196/2003 and the European General Data Protection
Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or
distribution
is prohibited. If you are not the intended recepient please delete this message
without copying, printing or forwarding it to others, and alert us as soon as
possible.
Thank you.