Bug 10148 - wrong uid,gid
Summary: wrong uid,gid
Status: RESOLVED INVALID
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.0.9
Hardware: x64 Linux
: P5 major (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-09-17 13:20 UTC by user
Modified: 2018-02-26 22:50 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description user 2013-09-17 13:20:29 UTC
I have samba 4.0.9 as AD DC
[global]
        workgroup = DOMAIN
        realm = DOMAIN.LOCAL
        netbios name = DC
        server role = active directory domain controller
        dns forwarder = 8.8.8.8

        #idmap_ldb:use rfc2307=yes
        tls enabled = yes
        tls keyfile = /var/lib/samba/private/tls/sambaKey.pem
        tls certfile = /var/lib/samba/private/tls/sambaCert.pem
        tls cafile =
        allow dns updates = nonsecure

        template shell = /bin/bash

# wbinfo -u
Administrator
Guest
krbtgt
tester
megatest
# getent passwd
DOMAIN\Administrator:*:0:100::/home/DOMAIN/Administrator:/bin/bash
DOMAIN\Guest:*:3000011:3000012::/home/DOMAIN/Guest:/bin/bash
DOMAIN\krbtgt:*:3000023:100::/home/DOMAIN/krbtgt:/bin/bash
DOMAIN\tester:*:3000022:100::/home/DOMAIN/tester:/bin/bash
DOMAIN\megatest:*:3000024:100::/home/DOMAIN/megatest:/bin/bash

And I have samba 4.0.9 as member of samba 4.0.9 AD DC
[global]
        workgroup = DOMAIN
        realm = domain.local
        security = ADS
        netbios name = FILES
        encrypt passwords = Yes
        printcap name = cups
        printing = cups
        log level = 3
        log file = /var/log/samba/%m
        max log size = 50

        map untrusted to domain = Yes

        winbind trusted domains only = no
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
        winbind nss info = rfc2307

        idmap config *:backend = tdb
        idmap config DOMAIN:range = 1000-20000000
        idmap config DOMAIN:schema_mode = rfc2307
        idmap config DOMAIN:backend = ad

        create mask = 0777
        directory mask = 0777
# wbinfo -u
administrator
megatest
krbtgt
tester
guest
# getent passwd
administrator:*:4294967295:4294967295:Administrator:/home/DOMAIN/administrator:/bin/false
megatest:*:4294967295:4294967295:megatest:/home/DOMAIN/megatest:/bin/false
krbtgt:*:4294967295:4294967295:krbtgt:/home/DOMAIN/krbtgt:/bin/false
tester:*:4294967295:4294967295:tester:/home/DOMAIN/tester:/bin/false
guest:*:4294967295:4294967295:Guest:/home/DOMAIN/guest:/bin/false

file server doesn't work!!!
Comment 1 Björn Jacke 2018-02-26 22:50:13 UTC
you did not set up the uidnumber/gidnumber attributes. please read the wiki for examples of correct idmap configurations and setting up the accounts for that idmap module