Bug #2951

Samba: error "USER is a Domain, not a user"

Added by Nicola Rauso over 6 years ago. Updated over 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-samba
Target version:v6.5
Security class: Resolution:
Affected version:v6.5-final NEEDINFO:No

Description

During Migration from NethService/SME Server, you can get an error from nethserver-samba-migrate-sam event while migrating a user:

# less /var/log/messages

...
Nov 11 12:39:41 service S30nethserver-samba-migrate-sam[24586]: USER is a Domain, not a user
Nov 11 12:39:41 service S30nethserver-samba-migrate-sam[24586]: Failed to change enabled state of SAM user `USER` at /etc/e-smith/events/user-modify/S30nethserver-samba-user-modify line 53.
...
Nov 11 12:39:41 service esmith::event[22458]: [ERROR] user-modify USER event failed
# hostname
service.USER.it

Related issues

Related to NethServer 6 - Bug #2976: Samba: error "GROUP is a Domain, not a group" CLOSED
Duplicated by NethServer 6 - Bug #2944: User-create event fails if user name is "service" CLOSED

Associated revisions

Revision 9cf431d0
Added by Davide Principi over 6 years ago

Specify local domain prefix explicitly. Refs #2951

The net sam command requires the local domain value prefixed to user
name, to disambiguate with the domain name itself.

History

#1 Updated by Nicola Rauso over 6 years ago

By the way, USER exits in ldap and accounts databases too:

# id USER
uid=5024(USER) gid=5024(USER) gruppi=5024(USER),502(locals)

# db accounts show USER
USER=user
    City=
    Company=
    Department=
    FirstName=USER
    LastName=USER S.p.a.
    MailForwardAddress=
    MailForwardKeepMessageCopy=no
    MailForwardStatus=disabled
    MailQuotaCustom=15
    MailQuotaType=default
    MailSpamRetentionStatus=disabled
    MailStatus=enabled
    PhoneNumber=
    Samba=enabled
    Shell=/usr/libexec/openssh/sftp-server
    Street=
    Uid=5024
    __state=active

#2 Updated by Davide Principi over 6 years ago

  • Category set to nethserver-samba
  • Status changed from NEW to TRIAGED
  • Target version set to v6.5
  • % Done changed from 0 to 20

At line 52, in nethserver-samba-user-modify the net sam command is passed a plain $user argument. This is good on most cases, but from this bug I learn if the $user value equals the domain name, net sam complains.

To fix (or workaround) the problem we have to prefix the domain name to $user, using the syntax:

 net sam set disabled DOMAINNAME\username ...

I don't know how this applies when role is WS: perhaps the SystemName prop must be used.

#3 Updated by Davide Principi over 6 years ago

  • Affected version set to v6.5-final
  • NEEDINFO changed from No to Yes

Nicola, could you check if the problem arises also on a clean installation, when a new account is created ?

#4 Updated by Davide Principi over 6 years ago

  • Related to Bug #2944: User-create event fails if user name is "service" added

#5 Updated by Nicola Rauso over 6 years ago

  • Subject changed from Samba: error "USER is a Domain, not a user" during migration to Samba: error "USER is a Domain, not a user"
  • NEEDINFO changed from Yes to No

Davide, bug is confirmed also in clean installation, with server either in "WS" role or in "PDC" role.
So the issue is not strictly connected to migration.

#6 Updated by Davide Principi over 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#7 Updated by Davide Principi over 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Test cases

Check the bug is fixed under the following scenarios:
  • role WS
  • role PDC
Combined with:
  • fresh installation (focus on nethserver-samba-sam-conf)
  • migration (focus on nethserver-samba-user-modify)
  • normal usage (focus on user modify, changing password, lock/unlock)

#8 Updated by Davide Principi over 6 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-samba-1.4.7-1.2git44862b9.ns6.noarch.rpm

#9 Updated by Massimo Palazzetti over 6 years ago

Tested with WS server role and no error was generated during the migration event.

#10 Updated by Giacomo Sanchietti over 6 years ago

  • Assignee set to Giacomo Sanchietti

#11 Updated by Giacomo Sanchietti over 6 years ago

  • Assignee deleted (Giacomo Sanchietti)

Test cases passed.

With WS mode:
  • Workgroup: test
  • SystemName: test
  • User: test

From /var/log/messages:

Dec  3 08:22:33 test esmith::event[14090]: Event: user-create test
Dec  3 08:22:33 test esmith::event[14090]: Use of uninitialized value in numeric gt (>) at /usr/share/perl5/Authen/SASL/Perl.pm line 130.
Dec  3 08:22:33 test /etc/e-smith/events/user-create/S04user-create-unix[14091]: /var/lib/nethserver/db/configuration: OLD MinUid=5001
Dec  3 08:22:33 test /etc/e-smith/events/user-create/S04user-create-unix[14091]: /var/lib/nethserver/db/configuration: NEW MinUid=5002
Dec  3 08:22:34 test /etc/e-smith/events/user-create/S04user-create-unix[14091]: /var/lib/nethserver/db/accounts: OLD test=user|City||Company||Department||Fir
stName|test|LastName|test|PhoneNumber||Samba|enabled|Street|
Dec  3 08:22:34 test /etc/e-smith/events/user-create/S04user-create-unix[14091]: /var/lib/nethserver/db/accounts: NEW test=user|City||Company||Department||Fir
stName|test|LastName|test|PhoneNumber||Samba|enabled|Street||Uid|5001
Dec  3 08:22:34 test /etc/e-smith/events/user-create/S04user-create-unix[14091]: /var/lib/nethserver/db/accounts: OLD test=user|City||Company||Department||Fir
stName|test|LastName|test|PhoneNumber||Samba|enabled|Street||Uid|5001
Dec  3 08:22:34 test /etc/e-smith/events/user-create/S04user-create-unix[14091]: /var/lib/nethserver/db/accounts: NEW test=user|City||Company||Department||Fir
stName|test|LastName|test|PhoneNumber||Samba|enabled|Street||Uid|5001|__state|new
Dec  3 08:22:34 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S04user-create-unix SUCCESS [0.426687]
Dec  3 08:22:34 test esmith::event[14090]: Updated 'user must change password at next logon' for TEST\test to yes
Dec  3 08:22:34 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S20nethserver-samba-user-create SUCCESS [0.230052]
Dec  3 08:22:34 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S25count-active-user-accounts SUCCESS [0.062331]
Dec  3 08:22:34 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S25nethserver-directory-user-modify SUCCESS [0.137629]
Dec  3 08:22:34 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S25nethserver-samba-profile-create SUCCESS [0.056793]
Dec  3 08:22:34 test esmith::event[14090]: Updated flag disabled for TEST\test to yes
Dec  3 08:22:34 test esmith::event[14090]: Updated fullname for TEST\test to test test
Dec  3 08:22:34 test esmith::event[14090]: Updated comment for TEST\test to test test
Dec  3 08:22:34 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S30nethserver-samba-user-modify SUCCESS [0.176908]
Dec  3 08:22:35 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S40nethserver-directory-password-policy SUCCESS [0.069689]
Dec  3 08:22:35 test esmith::event[14090]: Action: /etc/e-smith/events/user-create/S85user-group-modify SUCCESS [0.093294]
Dec  3 08:22:35 test esmith::event[14090]: Event: user-create SUCCESS

With PDC mode:
  • Workgroup: test2
  • SystemName: test2
  • User: test2

From /var/log/messages:

Dec  3 08:26:44 test2 esmith::event[15280]: Event: user-create test2
Dec  3 08:26:44 test2 esmith::event[15280]: Use of uninitialized value in numeric gt (>) at /usr/share/perl5/Authen/SASL/Perl.pm line 130.
Dec  3 08:26:44 test2 /etc/e-smith/events/user-create/S04user-create-unix[15281]: /var/lib/nethserver/db/configuration: OLD MinUid=5002
Dec  3 08:26:44 test2 /etc/e-smith/events/user-create/S04user-create-unix[15281]: /var/lib/nethserver/db/configuration: NEW MinUid=5003
Dec  3 08:26:44 test2 /etc/e-smith/events/user-create/S04user-create-unix[15281]: /var/lib/nethserver/db/accounts: OLD test2=user|City||Company||Department||FirstName|test2|LastName|test2|PhoneNumber||Samba|enabled|Street|
Dec  3 08:26:44 test2 /etc/e-smith/events/user-create/S04user-create-unix[15281]: /var/lib/nethserver/db/accounts: NEW test2=user|City||Company||Department||FirstName|test2|LastName|test2|PhoneNumber||Samba|enabled|Street||Uid|5002
Dec  3 08:26:44 test2 /etc/e-smith/events/user-create/S04user-create-unix[15281]: /var/lib/nethserver/db/accounts: OLD test2=user|City||Company||Department||FirstName|test2|LastName|test2|PhoneNumber||Samba|enabled|Street||Uid|5002
Dec  3 08:26:44 test2 /etc/e-smith/events/user-create/S04user-create-unix[15281]: /var/lib/nethserver/db/accounts: NEW test2=user|City||Company||Department||FirstName|test2|LastName|test2|PhoneNumber||Samba|enabled|Street||Uid|5002|__state|new
Dec  3 08:26:44 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S04user-create-unix SUCCESS [0.310327]
Dec  3 08:26:44 test2 esmith::event[15280]: Updated 'user must change password at next logon' for TEST\test2 to yes
Dec  3 08:26:44 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S20nethserver-samba-user-create SUCCESS [0.198902]
Dec  3 08:26:44 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S25count-active-user-accounts SUCCESS [0.052184]
Dec  3 08:26:45 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S25nethserver-directory-user-modify SUCCESS [0.132084]
Dec  3 08:26:45 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S25nethserver-samba-profile-create SUCCESS [0.060698]
Dec  3 08:26:45 test2 esmith::event[15280]: Updated flag disabled for TEST\test2 to yes
Dec  3 08:26:45 test2 esmith::event[15280]: Updated fullname for TEST\test2 to test2 test2
Dec  3 08:26:45 test2 esmith::event[15280]: Updated comment for TEST\test2 to test2 test2
Dec  3 08:26:45 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S30nethserver-samba-user-modify SUCCESS [0.224435]
Dec  3 08:26:45 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S40nethserver-directory-password-policy SUCCESS [0.077511]
Dec  3 08:26:45 test2 esmith::event[15280]: Action: /etc/e-smith/events/user-create/S85user-group-modify SUCCESS [0.071357]
Dec  3 08:26:45 test2 esmith::event[15280]: Event: user-create SUCCESS

#12 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from ON_QA to VERIFIED
  • % Done changed from 70 to 90

#13 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Package released in nethserver-updates:
  • nethserver-samba-1.4.8-1.ns6.noarch.rpm

#14 Updated by Davide Principi over 6 years ago

  • Related to Bug #2976: Samba: error "GROUP is a Domain, not a group" added

#15 Updated by Davide Principi over 6 years ago

  • Related to deleted (Bug #2944: User-create event fails if user name is "service")

#16 Updated by Davide Principi over 6 years ago

  • Duplicated by Bug #2944: User-create event fails if user name is "service" added

Also available in: Atom PDF