Opened 17 years ago
Closed 15 years ago
#59 closed defect (wontfix)
if standard guest account is added to a group, all Samba group information is broken after next Samba start
Reported by: | Herwig Bauernfeind | Owned by: | Silvan Scherrer |
---|---|---|---|
Priority: | blocker | Milestone: | Samba Server for eCS (OS/2) 1.1.0 |
Component: | Samba Server | Version: | 3.0.30 |
Keywords: | groups broken guest account | Cc: | herwig.bauernfeind@… |
Description
The first guest account gets a SID of 501, this is correct as can be seen from the Samba documentation.
As soon as you add this account with SID of 501 to any group, Samba (partly) forgets about its groups as soon as you stop the server and restart it.
The resulting list of a "net rpc group" command is always empty afterwards and you cannot add groups anymore.
You still can delete all groups except the one where the guest account was added to. When you try to delete this group you get a "dc lookup failed" error.
A "net groupmap" command still works. Unmapping the groups also works, with the exception of the group to which the guest account was added to.
It is impossible to get the group functionality back, integrity of some .tdb files (most notably group_mapping.tdb) is unrecoverably broken.
The above scenario is valid both for the smbpasswd backend and for the tdbsam backend.
The most easy way to reproduce is using my smbusers.exe which acts as a frontend for the net rpc user, net rpc group and net groupmap commands, however reproduction using the net rpc commands alone is also possible.
I can reproduce this 100% reliably on 3 machines.
This problem was present in all Samba builds so far, the reproduction scenario was developed and tested on both Samba 3.0.29 (private build) and Samba 3.0.30 (official build).
Change History (7)
comment:1 by , 17 years ago
Priority: | critical → blocker |
---|
comment:2 by , 16 years ago
Milestone: | → Samba Server for OS/2 1.0.1 |
---|
comment:3 by , 16 years ago
comment:4 by , 16 years ago
Milestone: | Samba Server for eCS (OS/2) 1.0.1 → Samba Server for eCS (OS/2) 1.0.2 |
---|
comment:5 by , 16 years ago
Version: | → 3.0.30 |
---|
comment:6 by , 15 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
is this still true in 3.3 tree?
comment:7 by , 15 years ago
Resolution: | → wontfix |
---|---|
Status: | assigned → closed |
This problem is gone in Samba 3.3.x
There must be a second trigger for the "broken group list" situation. More testing required.