At a site I have samba as DC, the users in LDAP (centrally managed) and the
machine accounts in a local tdbsam like this:
passdb backend = tdbsam:/etc/samba/smbpasswd ldapsam_compat:ldap://localhost guest
There are quite a few clients joining and leaving the domain every week and now
and then it sometimes happenes, that two or three machines end up with the same
RID in the tdbsam. As you can imagine this is quite annoying since only one of
those machines can log into the domain. Removing one of the affected clients
from the domain doesn't help, as it removes the reverse RID mapping from the
tdb, thus disabling all other clients with this RID. First level support already
had their days running around and re-joining clients to the domain and
circularily disabling clients.
I know, that is quite sketchy, but I'll try to supply additional information as
The initial rid should be based on the actual uid
assigned to the machine's unix account. Please retest 3.0.11
and reopen if necessary.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.