lexxai
FreeNAS 11.2-U2.1
Samba is connected to an external Active Directory.
The ZFS pool poolz2/samba/users/ is used for general purposes as the users' home directories.
getfacl /mnt/poolz2/samba/users/user1
..
group:21106:rwxpDdaARWcCo-:fd-----:allow
Everything works OK. The user has access to the home folder.
/var/log/samba4/log.smbd
connect to service storage initially as user EDOMAIN\user1 (uid=21106, gid=20513)
Over time, I can see the GID of the group change.
connect to service storage initially as user EDOMAIN\user1 (uid=21106, gid=90000015)
and later the UID of the user changes.
connect to service storage initially as user EDOMAIN\user1 (uid=90000012, gid=90000015)
And now the user doesn't have access to their home folder, since it has a different ID.
wbinfo -i EDOMAIN\\user1
EDOMAIN\user1:*:90000012:90000015:test user:/home/EDOMAIN/user1:/bin/sh
net usersidlist
EDOMAIN\user1
S-1-5-21-1000237325-705069941-1001383582-1106
Reloading the service does not help. Only a reboot of the FreeNAS server helps, and then everything works for some time.
but the user still doesn't have access to their home folder
But if I clear the cache with 'net cache flush', then
wbinfo -i EDOMAIN\\user1
EDOMAIN\user1:*:21106:20513:test user:/home/EDOMAIN/user1:/bin/sh
And reload with /etc/ix.rc.d/ix-activedirectory restart
Then if the user unmaps the home drive z: and maps it again, it is OK now.
1. How to detect the problem zone?
2. How to recover without rebooting FreeNAS?
For now I have started using a script that monitors users' UIDs.
Code:
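#!/bin/sh
wbinfoexe=/usr/local/bin/wbinfo

# Walk all domain users known to winbind
for user in $(${wbinfoexe} -u)
do
    # Field 3 of the passwd-style line is the UID; keep it only if it starts with 900
    uid=$(${wbinfoexe} -i "$user" | awk -F: '{print $3}' | egrep "^900")
    if [ ! -z "${uid}" ];then
        echo "Abnormal user is $user $uid"
        # Log the user off, flush the Samba cache and restart the AD service
        ${wbinfoexe} --logoff-user="${user}"
        net cache flush
        /etc/ix.rc.d/ix-activedirectory restart
        break
    fi
done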
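One way to approach question 1, as an added example that is not part of the original post: scan the smbd log for the "connect to service" lines quoted above and report every point where a user's uid or gid differs from that user's previous connection. The function names, the second user, the client prefix and the pid suffix in the sample are constructed for illustration; the line layout is assumed to match the lines quoted in the post.

```shell
#!/bin/sh
# Added example: detect idmap drift from smbd "connect to service" log lines.
# Real use (path taken from the post): detect_idmap_drift < /var/log/samba4/log.smbd

detect_idmap_drift() {
    awk '
    /connect to service/ {
        i = index($0, " as user ");  if (i == 0) next
        rest = substr($0, i + 9)            # "DOMAIN\user (uid=N, gid=N)..."
        p = index(rest, " (uid=");   if (p == 0) next
        user = substr(rest, 1, p - 1)
        ids  = substr(rest, p + 6)          # "N, gid=N)..."
        uid = ids; sub(/,.*/, "", uid)
        gid = ids; sub(/^.*gid=/, "", gid); sub(/\).*/, "", gid)
        # Report only when this user was seen before with different IDs.
        if ((user in last_uid) && (uid != last_uid[user] || gid != last_gid[user]))
            printf "%s uid %s -> %s gid %s -> %s\n",
                   user, last_uid[user], uid, last_gid[user], gid
        last_uid[user] = uid
        last_gid[user] = gid
    }'
}

# Constructed sample: the three user1 lines from the post plus a stable user2.
sample_log() {
    cat <<'EOF'
  pc1 (ipv4:192.0.2.10:49152) connect to service storage initially as user EDOMAIN\user1 (uid=21106, gid=20513) (pid 1001)
  pc2 (ipv4:192.0.2.11:49153) connect to service storage initially as user EDOMAIN\user2 (uid=21107, gid=20513) (pid 1002)
  pc1 (ipv4:192.0.2.10:49160) connect to service storage initially as user EDOMAIN\user1 (uid=21106, gid=90000015) (pid 1003)
  pc1 (ipv4:192.0.2.10:49170) connect to service storage initially as user EDOMAIN\user1 (uid=90000012, gid=90000015) (pid 1004)
  pc2 (ipv4:192.0.2.11:49180) connect to service storage initially as user EDOMAIN\user2 (uid=21107, gid=20513) (pid 1005)
EOF
}

sample_log | detect_idmap_drift
```

Each reported line marks a connection where the mapping changed, which narrows down when the cache or idmap backend started returning different IDs.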