« previous next »
Pages: [1]

Author Topic: Warning - 4.2 may reset all users UID and GID  (Read 2664 times)

Silent_Ninja1

  • Zen Apprentice
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Warning - 4.2 may reset all users UID and GID
« on: November 25, 2015, 08:12:12 pm »
Never saw this on my test domain, but when I joined a new install 4.2 devel edition server to our domain today for some testing before moving passing mail over for usage, it reset all users UID's and GID's. This totally screwed up file access on all network shares and roaming profiles.

Looks like my holiday is down the tubes.

PS : Fresh install of 4.2 downloaded Monday. XenServer 6.5 vm. Domain has multiple samba 4.2 servers in production. Change occured during the first setup when joining as an additional domain controller. My monitoring platform shot out warning for uid and gid changes to every user and group on the domain as the saving module settings message was up.
« Last Edit: November 25, 2015, 09:01:55 pm by Silent_Ninja1 »
Logged

mathias

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Warning - 4.2 may reset all users UID and GID
« Reply #1 on: November 26, 2015, 11:59:49 am »
With 4.2 is something wrong. After update zentyal-core:amd64 (4.2.1, 4.2.1.1) or zentyal-core:amd64 (4.2.1, 4.2.1.1) which was on 2015-11-19 we have problem with idmaps and users are mapping to group users instead of domain users.
This resolution helps:
http://serverfault.com/questions/476086/samba-winbind-user-resolution
Right now it works with cron running net cache flush every minute, but that is not longterm solution.


Logged

Silent_Ninja1

  • Zen Apprentice
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Warning - 4.2 may reset all users UID and GID
« Reply #2 on: November 27, 2015, 04:47:56 pm »
This issue is a bit different. The Domain Users group is still there as the primary group, however the UID for every user was changed, and the GID for the Domain Users group was changed. This invalidated the entire ACL stackup on the samba42 fileserver.

Quote from: mathias on November 26, 2015, 11:59:49 am
With 4.2 is something wrong. After update zentyal-core:amd64 (4.2.1, 4.2.1.1) or zentyal-core:amd64 (4.2.1, 4.2.1.1) which was on 2015-11-19 we have problem with idmaps and users are mapping to group users instead of domain users.
This resolution helps:
http://serverfault.com/questions/476086/samba-winbind-user-resolution
Right now it works with cron running net cache flush every minute, but that is not longterm solution.
Logged

cmenghi

  • Zen Apprentice
  • *
  • Posts: 7
  • Karma: +1/-0
    • View Profile
Re: Warning - 4.2 may reset all users UID and GID
« Reply #3 on: May 03, 2016, 09:40:37 pm »
And the solution is running net cache flush every minute ?


https://forum.zentyal.org/index.php/topic,27703.new.html
Logged

Silent_Ninja1

  • Zen Apprentice
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Warning - 4.2 may reset all users UID and GID
« Reply #4 on: May 04, 2016, 08:47:15 pm »
Quote from: cmenghi on May 03, 2016, 09:40:37 pm
And the solution is running net cache flush every minute ?


https://forum.zentyal.org/index.php/topic,27703.new.html

Solution to this was to reenable unix attributes for all users. Since the file shares were on a posix based system that uid and gid were actively used.

Ive since removed the zentyal system from the domain and have gone another route for a groupware mail server.
Logged
Pages: [1]
« previous next »