Hello - Selon Cédric Delfosse <[EMAIL PROTECTED]>:
> Le lundi 05 février 2007 à 09:45 +0100, emmanuel musso a écrit : > > Hello > > > > When a windows xp workstation join a domain, by windows gui parameters, > ldap > > machine attributes are not filled correctly: > > > > - No attribute sambaprimarygroupsid (before, there was one terminated by > 515) > > AFAIK, the gid number of a computer/user account entry is now used to > determine its primary group SID (if sambaPrimaryGroupSID is not set). For my computer accounts, gid is correctly defined to 515 > > > - rid (of sambasid) is not equal a 2*uid+1000 > > > > If i create a user, rid (sambasid) equal a 2*uid + 1000 (and > sambaprimarygrousid > > terminated by 513) > > > > All the others samba attributes are ok > > Same problem if i use "smbldap-useradd -w" before joining the domain; Posix > > attributes are created by "smbldap-useradd -w", and samba attributes are > > created the first time workstation join the domain, allways with bad > sambasid > > and without sambaprimarygroupsid. > > > > Same problem if i use "net join" on a linux smbclient with winbind > > > > In all cases, my workstation is connected to the domain, and user can use > it. > > > > I didn't change my config, i didn't modify idealx tools. I think the > problem > > exits since 3.0.23c-1 update in month september. I know my computers who > joined > > the domain before samba 3.0.23c-1 update (debian apt-get) are ok, with > > sambaprimarygroupsid present, and valid sambasid > > (rid = 2* uid + 1000). > > I have 2 Domain with the same problem > > I have one domain that also showed this behaviour (samba 3.0.23d), and > another that works « like before ». > > Looks like that SAMBA was using the sambaNextRid field from the > sambaDomainName entry to build the SAMBA SID of the computer accounts, > but I don't know why. Yes i think you are right Here is syslog when i create a computer Feb 7 09:18:15 nestor slapd[24440]: conn=14766 op=36 SRCH attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupR id sambaSID sambaAlgorithmicRidBase objectClass Feb 7 09:18:15 nestor slapd[24440]: conn=14766 op=36 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 7 09:18:15 nestor slapd[24440]: conn=14766 op=37 MOD dn="sambaDomainName=GE2I,dc=ge2i,dc=iut-tlse3,dc=fr" Feb 7 09:18:15 nestor slapd[24440]: conn=14766 op=37 MOD attr=sambaNextRid sambaNextRid here is syslog when i create a user Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=4 SRCH base="dc=ge2i,dc=iut-tlse3,dc=fr" scope=2 deref=2 filter="(uidNumbe r=5130)" Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text= Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=5 SRCH base="ou=Groups,dc=ge2i,dc=iut-tlse3,dc=fr" scope=2 deref=2 filter= "(&(objectClass=posixGroup)(gidNumber=513))" Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=5 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=6 SRCH base="ou=People,dc=ge2i,dc=iut-tlse3,dc=fr" scope=2 deref=2 filter= "(sambaSID=s-1-5-21-1013494363-2106538438-1688464621-11260)" Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=6 SEARCH RESULT tag=101 err=0 nentries=0 text= Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=7 ADD dn="uid=atest,ou=People,dc=ge2i,dc=iut-tlse3,dc=fr" Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=7 RESULT tag=105 err=0 text= Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=8 MOD dn="uid=atest,ou=People,dc=ge2i,dc=iut-tlse3,dc=fr" Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=8 MOD attr=objectClass sambaPwdLastSet sambaLogonTime sambaLogoffTime samb aKickoffTime sambaPwdCanChange sambaPwdMustChange displayName sambaAcctFlags sambaSID Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=8 RESULT tag=103 err=0 text= Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=9 MOD dn="uid=atest,ou=People,dc=ge2i,dc=iut-tlse3,dc=fr" Feb 7 09:38:51 nestor slapd[24440]: conn=14805 op=9 MOD attr=sambaLMPassword sambaPrimaryGroupSID sambaNTPassword sambaLogon Script sambaHomePath sambaHomeDrive Why samba use the sambaNextRid field from the sambaDomainName entry to build the SAMBA SID of the computer accounts ? in which configuration file SID's creation is different for users and computers ? Is there a new samba.schema since september month ? (Mine is original samba.schema with minor update change recommended by whatsnew for 3.0.23)? Thanks > > Regards, > > -- > Cedric Delfosse Linbox / Free&ALter Soft > 152, rue de Grigy - Technopole Metz 57070 METZ - FRANCE > tel: +33 (0)3 87 50 87 90 http://linbox.com > > Regards - Emmanuel musso technicien informatique I.U.T. Paul Sabatier Dépt Génie électrique 0562258241 Service informatique 0562258025 ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba