On Wed, 25 Jan 2017 08:01:00 +0100 (CET) Steffen Kaiser skdovecot@smail.inf.fh-brs.de wrote:
- Why does both UIDs 3000026 and 10001 translate back to HPRS\mark ? What HPRS\mark translates to?
Permission on that folder are:
$ ls -ld /home/HPRS/mark/Maildir drwx------ 17 HPRS\mark domusers 4096 Dec 7 23:07 /home/HPRS/mark/Maildir/
- I guess this HPRS\mark is 10001 ? (And not 3000026)
Permissions are unchanged since before the backup.
"backup"? You've restored the Maildir's from somewhere else? What was the _numerical_ UID within the backup and what is it now?
"backup" meaning I looked at the permissions on an older routine, backup. No, I did not restore anything.
BUT ... I found the problem. I upgraded Samba4 10 days ago from version 4.2.12 to 4.4.8 and, in the course of researching this problem, I found that the A/D authentication was broken:
with 4.2.12 on AD/DC: $ getent passwd mark HPRS\mark:*:10001:10000:Mark Foley:/home/HPRS/mark:/bin/false
With 4.4.8 on AD/DC: $ getent passwd mark HPRS\mark:*:3000026:100:Mark Foley:/home/HPRS/mark:/bin/bash
The new version of Samba is giving me this bogus UID:GID. I've no idea why. I have posted messages on the Samba List asking for help on this.
Email clients authenticate with Dovecot via Kerberos/GSSAPI and Dovecot was therefore trying to use 3000026:100 to access Maildir files/directories created with owner 10001:10000.
I've done a workaround by added the correct UID, GID for this user to /etc/passwd, although one is not suppose to have AD users in /etc/passwd. However, that is working for the time being.
If anyone on this list has had this experience and knows what needs to be fixed, please let me know!
Thanks -- Mark