Re: [Gluster-devel] [Samba] Samba4: Strange Behaveiour On Home share with 2 DC replicating /vfs glusterfs

Rowland Penny Wed, 19 Feb 2014 05:27:41 -0800

On 19/02/14 10:01, Daniel Müller wrote:

Now how do I give them uids on creating?
In practice suggestion from :
https://wiki.samba.org/index.php/Adding_users_with_samba_tool
for 50 Users can not be done.
Seems even the groups uid in both DCs differ:
ON DC1


TPLK\Enterprise Read-Only Domain Controllers:*:3000016:
TPLK\Domain Admins:*:3000008:
TPLK\Domain Users:*:100:
TPLK\Domain Guests:*:3000012:
TPLK\Domain Computers:*:3000017:
TPLK\Domain Controllers:*:3000018:
TPLK\Schema Admins:*:3000007:
TPLK\Enterprise Admins:*:3000006:
TPLK\Group Policy Creator Owners:*:3000004:
TPLK\Read-Only Domain Controllers:*:3000019:
TPLK\DnsUpdateProxy:*:3000020:

ON DC2

TPLK\Enterprise Read-Only Domain Controllers:*:3000028:
TPLK\Domain Admins:*:3000009:
TPLK\Domain Users:*:100:
TPLK\Domain Guests:*:3000003:
TPLK\Domain Computers:*:3000019:
TPLK\Domain Controllers:*:3000015:
TPLK\Schema Admins:*:3000010:
TPLK\Enterprise Admins:*:3000008:
TPLK\Group Policy Creator Owners:*:3000007:
TPLK\Read-Only Domain Controllers:*:3000029:
TPLK\DnsUpdateProxy:*:3000030:


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: muel...@tropenklinik.de
Internet: www.tropenklinik.de
"Der Mensch ist die Medizin des Menschen"





-----Ursprüngliche Nachricht-----
Von: Rowland Penny [mailto:rowlandpe...@googlemail.com]
Gesendet: Mittwoch, 19. Februar 2014 10:40
An: muel...@tropenklinik.de; sa...@lists.samba.org
Cc: gluster-devel@nongnu.org
Betreff: Re: [Samba] Samba4: Strange Behaveiour On Home share with 2 DC
replicating /vfs glusterfs

On 19/02/14 07:19, Daniel Müller wrote:

There is a strange behaviour having two DCs joined in one Domain
concerning the  [home] share.
The [home] is fixed on a replicating gluster volume on both DC.
Now creating the users directory with ADUC ex.:
\\s4master\home\%username% would do the necessary and the directory is
created on both dcs. On the first DC all working fine without any
issue but on the second the user cannot login their home shares
pointing to ex: \\s4slave\home\testneu The reason is a different UID!?
EX.: on the first DC 3000030 on the second 3000023!?
How can I fix this?

Greetings Daniel








On DC1:


[home]
comment=home s4master verzeichnis auf gluster node1 vfs objects=
recycle, glusterfs recycle:repository= /%P/%U/.Papierkorb
glusterfs:volume= sambacluster glusterfs:volfile_server = 172.17.1.1
recycle:exclude = *.tmp,*.temp,*.log,*.ldb,*.TMP,?~$*,~$*
recycle:keeptree = Yes
recycle:exclude_dir = .Papierkorb,tmp,temp,profile,.profile
recycle:touch_mtime = yes
recycle:versions = Yes
msdfs root=yes
path=/ads/home
read only=no
posix locking =NO
kernel share modes = No




[root@s4master home]# getfacl testneu
# file: testneu
# owner: root
# group: users
user::rwx
user:root:rwx
user:3000000:rwx
user:TPLK\134testneu:rwx
group::---
group:users:---
group:3000000:rwx
group:3000030:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:user:3000000:rwx
default:user:TPLK\134testneu:rwx
default:group::---
default:group:users:---
default:group:3000000:rwx
default:group:3000030:rwx
default:mask::rwx
default:other::---

[root@s4master home]# id testneu
uid=3000030(TPLK\testneu) gid=100(users) Gruppen=100(users)

On DC2:
[home]
comment=home s4slave verzeichnis auf gluster node2 vfs objects=
recycle, glusterfs recycle:repository= /%P/%U/.Papierkorb
glusterfs:volume= sambacluster glusterfs:volfile_server = 172.17.1.2
recycle:exclude = *.tmp,*.temp,*.log,*.ldb,*.TMP,?~$*,~$*
recycle:keeptree = Yes
recycle:exclude_dir = .Papierkorb,tmp,temp,profile,.profile
recycle:touch_mtime = yes
recycle:versions = Yes
msdfs root=yes
path=/ads/home
read only=no
posix locking =NO
kernel share modes = No

[root@s4slave home]# getfacl testneu
# file: testneu
# owner: root
# group: users
user::rwx
user:root:rwx
user:3000000:rwx
user:3000030:rwx
group::---
group:users:---
group:3000000:rwx
group:3000030:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:user:3000000:rwx
default:user:3000030:rwx
default:group::---
default:group:users:---
default:group:3000000:rwx
default:group:3000030:rwx
default:mask::rwx
default:other::---

[root@s4slave home]# id testneu
uid=3000023(TPLK\testneu) gid=100(users) Gruppen=100(users) <---should
be the same as DC1!?



EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: muel...@tropenklinik.de
Internet: www.tropenklinik.de
"Der Mensch ist die Medizin des Menschen"

Fairly easily, give your users uidNumber's & gidNumber's

Rowland

The problem here is that the numbers you are referring to, are actuallyxidNumbers from idmap.ldb, you can confirm this by opening idmap.ldbwith ldbedit:


ldbedit -e <your favorite editor> --url=/path/to/idmap.ldb

If you compiled samba4 yourself:

ldbedit -e nano --url=/usr/local/samba/private/idmap.ldb

If you give your groups a gidNumber and then your users a uidNumber andthe relevant gidNumber, the xidNumbers will be overridden and theuidNumber's & gidNumbers used instead.

Probably the easiest way of doing this would be to use ADUC on a windowsclient, if you do not have any windows clients, then I am sorry but youwill have to resort to ldbmodify and ldif's.


Rowland

_______________________________________________
Gluster-devel mailing list
Gluster-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/gluster-devel

Re: [Gluster-devel] [Samba] Samba4: Strange Behaveiour On Home share with 2 DC replicating /vfs glusterfs

Reply via email to