Wednesday, October 08, 2003

pdbedit

Samba 3.0's pdbedit is a bit of a mystery. When smb.conf is in the passsdb backend = smbpasswd mode, you can't use the program to edit the entries you see when doing a verbose listing- 


Unix username:       fooobar

NT username:          

Account Flags:        [U          ]

User SID:             S-1-5-21-3755442435-3957602856-2107517473-15880

Primary Group SID:    S-1-5-21-3755442435-3957602856-2107517473-1021

Full Name:            Bart Foo

Home Directory:       \\testpdc.env.duke.edu\msdfs\home\%u

HomeDir Drive:        

Logon Script:         somthing.bat

Profile Path:         \\testpdc.env.duke.edu\msdfs\home\%u\profile

Domain:               TESTDOMAIN

Account desc:         

Workstations:         

Munged dial:          

Logon time:           0

Logoff time:          Mon, 18 Jan 2038 22:14:07 GMT

Kickoff time:         Mon, 18 Jan 2038 22:14:07 GMT

Password last set:    0

Password can change:  0

Password must change: Mon, 18 Jan 2038 22:14:07 GMT


...but once I converted the backend to tdbsam, I could edit it. - 


   1. Set the passdb backend = tdbsam, smbpasswd.

   2. Execute: root# pdbedit -i smbpassed -e tdbsam

   3. Now remove the smbpasswd from the passdb backend configuration in smb.conf.


So how were those SIDs being stored? They weren't in the smbpasswd file. I assumed that samba was storing them in the secrets.tdb, and had exported them though the net rpc vampire commad. But maybe it just auto enerated them somehow, based on the smb.conf or something. While the user and group SID on that account look awfully similar, there is no obvious relationship to the /etc/passwd uid or the gid.

What's going on here?


# posted by bendy : 5:42 PM

This page is powered by Blogger. Isn't yours?