I recently have upgraded from Samba 2.2.8 to 3.0.7. I am using LDAP as a backend, but I'm running into a problem. Namely, since my user entries have no sambaSID attribute, Samba decides they don't exist. (At least, that's how it looks in the logs, included below.) I've looked through the conversion script that's included with Samba 3, but it just uses the rid attribute, which I also don't have assigned in any of my users.
Is there any way to algorithmically convert a unix uid to an sid? I'd like to just run a script through all of my users to grab the uid, convert to an rid, prepend my system sid, and write it to the sambaSID attribute. Here's the log excerpt that lead me to believe that it's having problems with the SID: [...snip...] [2004/10/04 14:57:39, 10] passdb/pdb_get_set.c:pdb_set_nt_username(679) pdb_set_nt_username: setting nt username stpierre, was [2004/10/04 14:57:39, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525) element 15 -> now SET [2004/10/04 14:57:39, 10] lib/smbldap.c:smbldap_get_single_attribute(309) smbldap_get_single_attribute: [sambaSID] = [<does not exist>] [2004/10/04 14:57:39, 10] lib/smbldap.c:smbldap_get_single_attribute(309) smbldap_get_single_attribute: [sambaPrimaryGroupSID] = [<does not exist>] [2004/10/04 14:57:39, 10] passdb/pdb_get_set.c:pdb_set_group_sid(588) pdb_set_group_sid: setting group sid S-1-5-21-2507527290-1625623118-1076039497-513 [2004/10/04 14:57:39, 10] passdb/pdb_compat.c:pdb_set_group_sid_from_rid(100) pdb_set_group_sid_from_rid: setting group sid S-1-5-21-2507527290-1625623118-1076039497-513 from rid 513 [2004/10/04 14:57:39, 1] passdb/pdb_ldap.c:init_sam_from_ldap(539) init_sam_from_ldap: no sambaSID or sambaSID attribute found for this user stpierre [2004/10/04 14:57:39, 1] passdb/pdb_ldap.c:ldapsam_getsampwnam(1278) ldapsam_getsampwnam: init_sam_from_ldap failed for user 'stpierre'! [2004/10/04 14:57:39, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/10/04 14:57:39, 3] auth/auth_sam.c:check_sam_security(244) check_sam_security: Couldn't find user 'stpierre' in passdb file. [2004/10/04 14:57:39, 5] auth/auth.c:check_ntlm_password(271) check_ntlm_password: sam authentication for user [stpierre] FAILED with error NT_STATUS_NO_SUCH_USER [2004/10/04 14:57:39, 3] auth/auth_winbind.c:check_winbind_security(80) check_winbind_security: Not using winbind, requested domain [NWU_TEST] was for this SAM. [2004/10/04 14:57:39, 10] auth/auth.c:check_ntlm_password(259) check_ntlm_password: winbind had nothing to say [2004/10/04 14:57:39, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [stpierre] -> [stpierre] FAILED with error NT_STATUS_NO_SUCH_USER [...snip...] I've googled for the algorithm, but everyone else seems to be more interested in converting sids to uids. Any ideas? Thanks. Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University 402.465.7549 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba