Zentyal Forum, Linux Small Business Server

Zentyal Server => Installation and Upgrades => Topic started by: Silent_Ninja1 on November 25, 2015, 08:12:12 pm

Title: Warning - 4.2 may reset all users UID and GID
Post by: Silent_Ninja1 on November 25, 2015, 08:12:12 pm

Never saw this on my test domain, but when I joined a new install 4.2 devel edition server to our domain today for some testing before moving passing mail over for usage, it reset all users UID's and GID's. This totally screwed up file access on all network shares and roaming profiles.

Looks like my holiday is down the tubes.

PS : Fresh install of 4.2 downloaded Monday. XenServer 6.5 vm. Domain has multiple samba 4.2 servers in production. Change occured during the first setup when joining as an additional domain controller. My monitoring platform shot out warning for uid and gid changes to every user and group on the domain as the saving module settings message was up.

Title: Re: Warning - 4.2 may reset all users UID and GID
Post by: mathias on November 26, 2015, 11:59:49 am

With 4.2 is something wrong. After update zentyal-core:amd64 (4.2.1, 4.2.1.1) or zentyal-core:amd64 (4.2.1, 4.2.1.1) which was on 2015-11-19 we have problem with idmaps and users are mapping to group users instead of domain users.
This resolution helps:
http://serverfault.com/questions/476086/samba-winbind-user-resolution
Right now it works with cron running net cache flush every minute, but that is not longterm solution.

Title: Re: Warning - 4.2 may reset all users UID and GID
Post by: Silent_Ninja1 on November 27, 2015, 04:47:56 pm

This issue is a bit different. The Domain Users group is still there as the primary group, however the UID for every user was changed, and the GID for the Domain Users group was changed. This invalidated the entire ACL stackup on the samba42 fileserver.

Quote from: mathias on November 26, 2015, 11:59:49 am

With 4.2 is something wrong. After update zentyal-core:amd64 (4.2.1, 4.2.1.1) or zentyal-core:amd64 (4.2.1, 4.2.1.1) which was on 2015-11-19 we have problem with idmaps and users are mapping to group users instead of domain users.
This resolution helps:
http://serverfault.com/questions/476086/samba-winbind-user-resolution
Right now it works with cron running net cache flush every minute, but that is not longterm solution.

Title: Re: Warning - 4.2 may reset all users UID and GID
Post by: cmenghi on May 03, 2016, 09:40:37 pm

And the solution is running net cache flush every minute ?


 https://forum.zentyal.org/index.php/topic,27703.new.html (https://forum.zentyal.org/index.php/topic,27703.new.html)

Title: Re: Warning - 4.2 may reset all users UID and GID
Post by: Silent_Ninja1 on May 04, 2016, 08:47:15 pm

Quote from: cmenghi on May 03, 2016, 09:40:37 pm

And the solution is running net cache flush every minute ?


 https://forum.zentyal.org/index.php/topic,27703.new.html (https://forum.zentyal.org/index.php/topic,27703.new.html)

Solution to this was to reenable unix attributes for all users. Since the file shares were on a posix based system that uid and gid were actively used.

Ive since removed the zentyal system from the domain and have gone another route for a groupware mail server.