Beta1 has "invented" uids/gids for users that previously existed and worked fine in a23. These new gids/uids obviously don't authenticate very well, and appear to again change at a randomn interval. Usually every day some other user loses the ability to login to the server. The server is running as a domain server, serving profiles, that don't update either. Permissions on the profile directory/home directories have been made 777 so that when users come on with invented uids/gids they can still get to the data. We are down to 3 functioning accounts now out of 24, everyone on the network logs on with one of those 3 accounts. Here is typical winbindd log: [2003/06/12 10:04:56, 1] nsswitch/winbindd_util.c:rescan_trusted_domains(166) scanning trusted domain list [2003/06/12 10:05:06, 1] libsmb/cliconnect.c:cli_full_connection(1275) failed session setup with NT_STATUS_OK [2003/06/12 10:05:17, 1] libsmb/cliconnect.c:cli_full_connection(1275) failed session setup with NT_STATUS_OK [2003/06/12 10:05:27, 1] libsmb/cliconnect.c:cli_full_connection(1275) failed session setup with NT_STATUS_OK [2003/06/12 10:05:27, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'nobody' does not exist [2003/06/12 10:05:27, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'nobody' does not exist [2003/06/12 10:05:27, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'nobody' does not exist [2003/06/12 10:05:27, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'nobody' does not exist [2003/06/12 10:05:27, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'lee' does not exist [2003/06/12 10:05:27, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'lee' does not exist [2003/06/12 10:05:27, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'lee' does not exist [2003/06/12 10:05:35, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'lee' does not exist [2003/06/12 10:05:37, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'lee' does not exist [2003/06/12 10:05:41, 1] nsswitch/winbindd_group.c:winbindd_getgroups(846) user 'lee' does not exist Here is smbstatus output.... 32456 10000 10000 plot_plan (192.168.1.11) 32463 10000 10000 lee (192.168.1.26) 430 10001 numa debbie (192.168.1.23) 29044 10009 10008 surveyor (192.168.1.25) 32397 10002 10002 steve2 (192.168.1.12) 32612 10004 10004 damian (192.168.1.24) 28199 10024 10009 kris (192.168.1.21) Notice computer kris, this is actually being logged into with user account "numa". Here is smbpasswd pdc$:501:FF985A4C229CDFC20C6996F40740D1FE:7F8E53546DC0468F40D96223DED91A45:[W ]:LCT-3E29AEFD: damian:10019:78BCCAEE08C90E29AAD3B435B51404EE:F9E37E83B83C47A93C2F09F66408631B:[U ]:LCT-3E2C886D: lee:10020:78BCCAEE08C90E29AAD3B435B51404EE:F9E37E83B83C47A93C2F09F66408631B:[U ]:LCT-3E2C885F: debbie:10021:78BCCAEE08C90E29AAD3B435B51404EE:F9E37E83B83C47A93C2F09F66408631B:[U ]:LCT-3E2B2C23: renegade:10022:8A3FF20521977606AAD3B435B51404EE:83D6F22CFDF3E428C0CFE03423BE529C:[U ]:LCT-3E5DC313: jerry:10029:78BCCAEE08C90E29AAD3B435B51404EE:F9E37E83B83C47A93C2F09F66408631B:[UX ]:LCT-3E3EB870: survey_backup$:10030:21ACDE0DA8BEBDB216AC416C2658E00D:B34A5A183842B6FFA409F36944650588:[W ]:LCT-3E3EBDE5: kris$:10032:4564575F74DC7CE2B030F080609195A5:A325A73438B488E0E17DCE964F6038DB:[W ]:LCT-3EE88C0C: lee$:10033:2EFEB8E5792417B2B6B5F70E214310C1:2EFEB8E5792417B2B6B5F70E214310C1:[W ]:LCT-3ED9F16A: damian$:10035:99CEF8B6FACE1069F77DB8C60D511022:99CEF8B6FACE1069F77DB8C60D511022:[W ]:LCT-3EDB44ED: steve$:10036:4336BB826D5E72BB62E708A967B09BA5:1D55021D5B4D6EB02F9A565ED83FBC65:[W ]:LCT-3E5DCA71: plot_plan$:10037:FB7FCC25A7139B21E10DB41252139035:FB7FCC25A7139B21E10DB41252139035:[W ]:LCT-3ED88323: steve2$:10038:DFAC1088DE4E580E226CD06206CBF11B:DFAC1088DE4E580E226CD06206CBF11B:[UW ]:LCT-3EDC868A: debbie$:10039:5368B3E6D28B987976AD80D002039923:5368B3E6D28B987976AD80D002039923:[W ]:LCT-3EDB5172: littledebbie:10041:78BCCAEE08C90E29AAD3B435B51404EE:F9E37E83B83C47A93C2F09F66408631B:[U ]:LCT-3E5E44AB: administrator:10042:633C097A37B26C0CAAD3B435B51404EE:F2477A144DFF4F216AB81F2AC3E3207D:[U ]:LCT-3E6584E1: surveyor$:10043:C0782154818E5641DC4EFB4F82592F95:C0782154818E5641DC4EFB4F82592F95:[UW ]:LCT-3EE7A575: rob:10044:78BCCAEE08C90E29AAD3B435B51404EE:F9E37E83B83C47A93C2F09F66408631B:[U ]:LCT-3E8226C4: david$:10045:0C60300E8A167714AAD3B435B51404EE:150A6646313CD1A664BBCA9ABE74293E:[W ]:LCT-3EF0A555: david:10046:78BCCAEE08C90E29AAD3B435B51404EE:F9E37E83B83C47A93C2F09F66408631B:[U ]:LCT-3E879934: kris:500:72888BEF9A839711AAD3B435B51404EE:EC4A3E5FE5646DB34088252B6B267E35:[U ]:LCT-3EE8B874: numa:10018:4FD05C1E375B5B4BAAD3B435B51404EE:7B94A780A5753E5B687D9CBDD03EBFC4:[U ]:LCT-3EEF38D0: Notice numa account on last line. 10018. cool huh? Kris Bodenheimer
I do hope you realise that you posted password-equivilant values to a public bug database. I do hope this was just a testing system...
Made bug viewable by Samba Core Developers only, in case the passwords were used on a production system. (A lot of the passwords seem to be the same value)
My understanding is that this was a problem with the idmap changes in beta1 and have since been corrected in beta2.
Made bug viewable by non-team again since it is apparently a test system. From: Kris Bodenheimer <numa@thenuma.com> To: tpot@samba.org Subject: Re: [Bug 177] uids gis in samba samba-bugs@samba.org wrote: >https://bugzilla.samba.org/show_bug.cgi?id=177 > >tpot@samba.org changed: > > What |Removed |Added >---------------------------------------------------------------------------- > groupset|0 |128 > > > >------- Additional Comments From tpot@samba.org 2003-07-10 00:51 ------- >Made bug viewable by Samba Core Developers only, in case the passwords were >used >on a production system. > >(A lot of the passwords seem to be the same value) > > > >------- You are receiving this mail because: ------- >You reported the bug, or are watching the reporter. > This system is testing only, as evidenced by most passwords being same values. We operate 2 seperate domains, one for testing, the other for production.
originally reported against 3.0.0beta1. CLeaning out non-production release versions.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.