I've tried to extend 'samba-tool user create' to map unix UIDs to the SID of the newly created user. For this I've added the following code to samba4/scripting/samba/netcmd/user.py at the end of cmd_user_create: try: samdb = SamDB(url=H, session_info=system_session(), credentials=creds, lp=lp) samdb.newuser(username, password, force_password_change_at_next_login_req=must_change_at_next_login, useusernameascn=use_username_as_cn, userou=userou, surname=surname, givenname=given_name, initials=initials, profilepath=profile_path, homedrive=home_drive, scriptpath=script_path, homedirectory=home_directory, jobtitle=job_title, department=department, company=company, description=description, mailaddress=mail_address, internetaddress=internet_address, telephonenumber=telephone_number, physicaldeliveryoffice=physical_delivery_office) if match_unix_uid: #idmap = IDmapDB(lp=lp) sids = samdb.search(samdb.get_default_basedn(), scope=ldb.SCOPE_SUBTREE, expression=("(&(objectClass=user)(samaccountname=%s))" % username), attrs=["objectSid"]) if (len(sids) != 1): raise CommandError("Failed to set Unix UID for '%s'" % username, e) #pwent = pwd.getpwnam(username) self.outf.write("before sambd.schema_format_value: %s\n" % sids[0]) sid = samdb.schema_format_value("objectSid", sids[0]) #sid = str(sids[0]) #self.outf.write("%s\n" % sid) #self.outf.write("User '%s' matched to UID '%u' and SID '%s'\n" % (username,pwent[2],sid)) #idmap.setup_name_mapping(sid, idmap.TYPE_UID, pwent[2]) except Exception, e: raise CommandError("Failed to add user '%s': " % username, e) self.outf.write("User '%s' created successfully\n" % username) Only the lines after 'if match_unix_uid' are new, commented lines have been excluded to find the bug. The segfault seems to happen in the sid = samdb.schema_format_value(...)-line. Linux dmesg of the segfault is as follows: [190972.013015] python[29187]: segfault at 0 ip 00007f45c954156d sp 00007fffcde089e0 error 4 in libndr.so.0.0.1[7f45c9539000+19000] [191020.280895] python[29224]: segfault at 0 ip 00007f8c8c15456d sp 00007fff733dccf0 error 4 in libndr.so.0.0.1[7f8c8c14c000+19000] [191245.544410] python[29273]: segfault at 0 ip 00007f4ead92256d sp 00007fff68dc2f40 error 4 in libndr.so.0.0.1[7f4ead91a000+19000] [191269.279055] python[29288]: segfault at 0 ip 00007fedc061756d sp 00007fffe138e7f0 error 4 in libndr.so.0.0.1[7fedc060f000+19000] Valgrind doesn't tell me anything, but I'm not sure if it would work with python at all: # /opt/samba4/bin/samba-tool user create --match-unix-uid testy foo before sambd.schema_format_value: Message({'dn': Dn('CN=testy,CN=Users,DC=ad,DC=cip,DC=cs,DC=fau,DC=de'), 'objectSid': MessageElement(['\x01\x05\x00\x00\x00\x00\x00\x05\x15\x00\x00\x00;\x08z\x13\xc1\x1a\x06\xb7\xa1\x1b\xb4Cv\x04\x00\x00'])}) zsh: segmentation fault /opt/samba4/bin/samba-tool user create --match-unix-uid testy foo The usage of schema_format_value is analogous to Ldb.searchOne in samba/__init__.py line 131, but since I have no clue of python beyond the most trivial stuff, I'm not sure if I'm just using it wrong.
Okay, sorry for my non-existent python and code-reading skills, searchone in samba/__init__.py is not the same after all. When I use it right and change the offending line to sid = samdb.schema_format_value("objectSid", sids[0]["objectSid"][0]) in my code, the error disappears. Sorry for the possible bugspam, but perhaps the segfault is wort fixing nonetheless.
The segfault is indeed worth fixing, even if this is an incorrect use of the function - it should raise an exception if it's not getting the right input.
This seems to have been fixed, perhaps accidentally in the conversion to Python3, or perhaps deliberately before that.