search for: uid2sid

...king configuration with the UID I'd expect: [root at dc1 ~]# id auser uid=41000(auser) gid=61000(domain users) groups=..... [root at dc1 ~]# net cache list | grep -e 1234 Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 Timeout: Thu Jun 18 11:02:33 2015 Value: 41000:U Key: IDMAP/UID2SID/41000 Timeout: Thu Jun 18 11:02:33 2015 Value: S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 However, some time later, without any input from me at all, this changes to: [root at dc1 ~]# id auser uid=3000007(auser) gid=61000(domain users) groups=..... [root at dc1 ~]# net cache list | grep -e 1104...

...D I'd expect: > [root at dc1 ~]# id auser > uid=41000(auser) gid=61000(domain users) groups=..... > [root at dc1 ~]# net cache list | grep -e 1234 > Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 > Timeout: Thu Jun 18 11:02:33 2015 Value: 41000:U > Key: IDMAP/UID2SID/41000 Timeout: Thu Jun 18 11:02:33 2015 Value: > S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 > > However, some time later, without any input from me at all, this changes to: > [root at dc1 ~]# id auser > uid=3000007(auser) gid=61000(domain users) groups=..... > [root at dc1 ~]#...

...eate the entry in ldap, it does get added to gencache.tdb with the uid (e.g. 4000.) e.g. --------------------------------------------------------------------------------- key(61) = "IDMAP/SID2UID/S-1-5-21-xxxx-1111\00" data(16) = " 1273070774/40000\00" key(20) = "IDMAP/UID2SID/40000\00" data(60) = " 1272981160/S-1-5-21-xxxx-1111\00" --------------------------------------------------------------------------------- But "getent passwd" will not show the user. If the entry was not predefined in LDAP, a negative entry gets added to gencache.tdb...

...at dc1 ~]# net cache list | grep -e -1234 Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 Timeout: Fri Jun 19 21:52:23 2015 Value: 3000007:B Key: IDMAP/GID2SID/3000007 Timeout: Fri Jun 19 21:52:23 2015 Value: S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 Key: IDMAP/UID2SID/41000 Timeout: Fri Jun 19 21:52:23 2015 Value: S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 Key: IDMAP/UID2SID/3000007 Timeout: Fri Jun 19 21:52:23 2015 Value: S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1234 Perhaps it's better to post the complete output from 'testparm...

...ile: usr/local/samba/var/locks/sysvol # owner: root # group: administrators user::rwx user:root:rwx user:3000013:r-x user:3000140:rwx [...] [root at dc ~]# net cache list | egrep "(0013|00140)" Key: IDMAP/GID2SID/3000140 Timeout: Sun Nov 15 04:04:35 2015 Value: S-1-5-18 Key: IDMAP/UID2SID/3000013 Timeout: Sun Nov 15 03:23:23 2015 Value: S-1-5-11 but replication does seem to work across DCs via rsync at the moment. I suspect this is another thread entirely from the bug we have been discussing, though :) Maybe there's a way I can add the rfc2307 attributes to these two S...

Thanks buhorojo. The sssd list came up trumps here. When changing ID mappings, the sssd database must be manually removed (rm /var/lib/sss/db/*). I now have sssd working again :) I shall keep an eye on the mappings during the day today.. On 12 June 2015 at 07:36, buhorojo <buhorojo.lcb at gmail.com> wrote: > On 12/06/15 01:34, Jonathan Hunter wrote: >> >> On 11 June 2015 at

...ot:rwx > > user:3000013:r-x > > user:3000140:rwx > > [...] > > [root at dc ~]# net cache list | egrep "(0013|00140)" > > Key: IDMAP/GID2SID/3000140 Timeout: Sun Nov 15 04:04:35 2015 > > > > Value: S-1-5-18 > > > > Key: IDMAP/UID2SID/3000013 Timeout: Sun Nov 15 03:23:23 2015 > > > > Value: S-1-5-11 > > > > but replication does seem to work across DCs via rsync at the > > moment. > > > > I suspect this is another thread entirely from the bug we have been > > discussing,...

...> # group: administrators > user::rwx > user:root:rwx > user:3000013:r-x > user:3000140:rwx > [...] > [root at dc ~]# net cache list | egrep "(0013|00140)" > Key: IDMAP/GID2SID/3000140 Timeout: Sun Nov 15 04:04:35 2015 > Value: S-1-5-18 > Key: IDMAP/UID2SID/3000013 Timeout: Sun Nov 15 03:23:23 2015 > Value: S-1-5-11 > > but replication does seem to work across DCs via rsync at the moment. > > I suspect this is another thread entirely from the bug we have been > discussing, though :) Maybe there's a way I can add the rfc2...

...ttribute sambaBadPasswordCount does not exist attribute sambaBadPasswordTime does not exist attribute sambaLogonHours does not exist Adding cache entry with key = IDMAP/SID2UID/S-1-5-21-x-y-z-403267 and timeout = Mon Sep 12 10:11:25 2011 (604800 seconds ahead) Adding cache entry with key = IDMAP/UID2SID/5059 and timeout = Mon Sep 12 10:11:25 2011 (604800 seconds ahead) gid 515 -> sid S-1-5-21-x-y-z-515 gid 515 -> sid S-1-5-21-x-y-z-515 do lookup_sid(S-1-5-21-x-y-z-515) for group of user machine$ lookup_sid called for SID 'S-1-5-21-x-y-z-515' Accepting SID S-1-5-21-x-y-z in level 1...

Hi all, I got a problem while trying to set up a Samba 3.4 Server in hybrid-mode. After trying for some time I managed doing a merged-build of Samba3 and Samba4 and I can now start samba4 without getting errors. However, the same is not true for Samba3: starting it, I get the below error message. Has anyone an idea about what the reason could be? Did I miss anything during build/setup?

On 07/11/15 23:28, Michael Adam wrote: > rsync will work if not using --numeric-ids. OK, I know that logins will work on all the samba machines, but I am not sure what you say about rsync is correct, this is what 'man rsync' has to say about '--numeric-ids': --numeric-ids don't map uid/gid values by user/group name So by my reading, if you don't use it,

Hi, I am trying to use squid proxy with validation on win 2003 active directory to filter internet navigation and for it I installed an ubuntu 10.04 server 64 bit with samba. My installation looks ok, the server is joined to the AD, ntlm is able to validate user, wbinfo report corret information and squid works good. The problem arise after some hours: winbind become not able to resolv info

We're using Samba 3.0.21a-1 on a CentOS 4.2 server (kernel 2.6.9-22.0.2.ELsmp); everything works more or less fine, it's functioning as the PDC with an OpenLDAP back end (setup essentially straight from the Idealx.org playbook), etc. We're trying to mount Windows shares to back them up, and getting "permission denied" errors when trying to read certain files from those