Bug 6033 - localsid initialization logic broken
localsid initialization logic broken
Status: NEW
Product: Samba 3.2
Classification: Unclassified
Component: Domain Control
3.2.7
All All
: P3 normal
: ---
Assigned To: Volker Lendecke
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-01-14 02:39 UTC by Björn Jacke
Modified: 2009-05-11 04:52 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Björn Jacke 2009-01-14 02:39:10 UTC
localsid is not created if ldapsam backend is configured.

How to reproduce:

starting with a non existing secrets.tdb and passdb backend = ldapsam:...

pell:/etc/samba # net getlocalsid
[2009/01/14 09:13:47,  0] passdb/secrets.c:fetch_ldap_pw(888)
  fetch_ldap_pw: neither ldap secret retrieved!
[2009/01/14 09:13:47,  0] lib/smbldap.c:smbldap_connect_system(952)
  ldap_connect_system: Failed to retrieve password from secrets.tdb
[2009/01/14 09:13:48,  0] passdb/secrets.c:fetch_ldap_pw(888)
  fetch_ldap_pw: neither ldap secret retrieved!
[2009/01/14 09:13:48,  0] lib/smbldap.c:smbldap_connect_system(952)
  ldap_connect_system: Failed to retrieve password from secrets.tdb
^C
samba is failing here to access LDAP even though localsid is in secrets.tdb?

okay, let's go on:

pell:/etc/samba # smbpasswd -w manager
Setting stored password for "cn=Directory Manager,dc=..." in secrets.tdb

pell:/etc/samba # tdbdump secrets.tdb
{
key(62) = "SECRETS/LDAP_BIND_PW/cn=Directory Manager,..."
data(9) = "manager\00"
}

pell:/etc/samba # net getlocalsid
[2009/01/14 09:14:10,  0] utils/net.c:net_getlocalsid(709)
  Can't fetch domain SID for name: PELL

secrets.tdb now holds:

pell:/etc/samba # tdbdump secrets.tdb
{
key(62) = "SECRETS/LDAP_BIND_PW/cn=Directory Manager,..."
data(9) = "manager\00"
}
{
key(15) = "SECRETS/SID/MYDOMAIN"
data(68) = "\01\04\00\00\00\00\00\05\15\00\00\00\22\A1+\D1\10\BB\A0\F3\DD\E9\0B\D6\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
}

in this broken state switching back passdb backend to smbpasswd doesn't help either:

pell:/etc/samba # net getlocalsid
[2009/01/14 09:17:47,  0] utils/net.c:net_getlocalsid(709)
  Can't fetch domain SID for name: PELL

the only way out is run setlocalsid manually.