Opened 16 years ago
Closed 14 years ago
#59 closed defect (wontfix)
if standard guest account is added to a group, all Samba group information is broken after next Samba start
| Reported by: | Herwig Bauernfeind | Owned by: | Silvan Scherrer |
|---|---|---|---|
| Priority: | blocker | Milestone: | Samba Server for eCS (OS/2) 1.1.0 |
| Component: | Samba Server | Version: | 3.0.30 |
| Keywords: | groups broken guest account | Cc: | herwig.bauernfeind@… |
Description
The first guest account gets a SID of 501, this is correct as can be seen from the Samba documentation.
As soon as you add this account with SID of 501 to any group, Samba (partly) forgets about its groups as soon as you stop the server and restart it.
The resulting list of a "net rpc group" command is always empty afterwards and you cannot add groups anymore.
You still can delete all groups except the one where the guest account was added to. When you try to delete this group you get a "dc lookup failed" error.
A "net groupmap" command still works. Unmapping the groups also works, with the exception of the group to which the guest account was added to.
It is impossible to get the group functionality back, integrity of some .tdb files (most notably group_mapping.tdb) is unrecoverably broken.
The above scenario is valid both for the smbpasswd backend and for the tdbsam backend.
The most easy way to reproduce is using my smbusers.exe which acts as a frontend for the net rpc user, net rpc group and net groupmap commands, however reproduction using the net rpc commands alone is also possible.
I can reproduce this 100% reliably on 3 machines.
This problem was present in all Samba builds so far, the reproduction scenario was developed and tested on both Samba 3.0.29 (private build) and Samba 3.0.30 (official build).
Change History (7)
comment:1 Changed 16 years ago by
| Priority: | critical → blocker |
|---|
comment:2 Changed 16 years ago by
| Milestone: | → Samba Server for OS/2 1.0.1 |
|---|
comment:3 Changed 16 years ago by
comment:4 Changed 15 years ago by
| Milestone: | Samba Server for eCS (OS/2) 1.0.1 → Samba Server for eCS (OS/2) 1.0.2 |
|---|
comment:5 Changed 15 years ago by
| Version: | → 3.0.30 |
|---|
comment:6 Changed 14 years ago by
| Owner: | changed from Paul Smedley to Silvan Scherrer |
|---|---|
| Status: | new → assigned |
is this still true in 3.3 tree?
comment:7 Changed 14 years ago by
| Resolution: | → wontfix |
|---|---|
| Status: | assigned → closed |
This problem is gone in Samba 3.3.x
There must be a second trigger for the "broken group list" situation. More testing required.