Calculate next SID, and why SID already is in base?

Today at work I got an error like the following while I tried to add a new user:

ldapsam_add_sam_account: SID 'S-1-5-21-xxxxxxxxx-xxxxxxxxxx-xxxxxxxxx-3048' already in the base, with samba attributes

I searched the net to find out what the problem was. On some site I found how the SID is calculated:

User-SID: uid*2+sambaAlgorithmicRidBase
Group-SID: gid*2+sambaAlgorithmicRidBase+1

My user had uid 1024 so it seemed to fit just right (I guess sambaAlgorithmicRidBase=1000). But why had another user already got the SID 3048, that would mean that another user had uid 1024?… Exactly! :)

Users for Samba is stored in LDAP. I have split my user- and Windows workstaion accounts (which also needs to be Linux users) into different containers named Users and Computers. When a normal account is created, it only checked for existing uid’s in the Users-container. Because of this I now have 2 users with the uid 1024 (both Windows workstation account and my newly created user account) and now a SID conflict. I should fix the uid check when adding a new user to also check in the Computers-container. Hopes this helps some people with similar problems.

Weblog comments

I just went through a lot of comments which was pending approval. The reason why I haven’t done this before is because I hadn’t noticed that I had pending messages. Though the last few months have been a bit on the slow side. If I had been blogging regular I might have noticed before. Most comments was to my old post about MP3 ripping in sound Juicer. A lot of good tips in between, I’m really sorry guys.

I had like 4000 spam messages which I had to dig through first :(

I’m planning on updating my weblog software soon, perhaps it becomes easier to manage.

Linksys WRT54GL

I’ve bought a Linksys wireless access point some time ago from FON, because I like the concept and it was really easy to setup also. Underneath is an embedded Linux controlling it all. Which is cool in itself.

But I have an IP phone which needs a big port range to be forwarded to it through the firewall. I wasn’t able to define port ranges in the FON webinterface, so to day I finally got the time to try install the software FON have build there product upon: Open Wrt.

What I’m really missing is: The Radius thing FON used. It was a really cool way of securing your wireless connection. I can see OpenWrt have optional packages for this support, but I would rather want it just to work.

Then a colleague pointed me to Coova, which like FON builds upon OpenWrt but it seems it focus on the Radius support. I’ll try that next week… if I got the time. One of Coova’s “Key Features” is traffic shaping, which I would like to play around with now that I have a ip-phone.

For now I’ll just enjoy that I finally got my ip-phone working againg after several months.

Weblog: Small cosmetic update

I just updated my style sheet so pre-tags containing long lines doesn’t mess with the layout. Pre-tags surrounds all code / terminal examples. I just added the the following line to my pre definition:

overflow: auto;

Stole the idea from Planet Gnome

Really I should update the software soon… I hope there isn’t to many security holes in this shit.

"My" VMware problem

Now I researched my VMware problem some more, and it has nothing to do with the link I posted in my last entry. Even though I had 2 versions of dbus installed at some point I think I actually removed the old version (a few hours) before installing VMware.

I looked at the start scripts and found that it checks for a file called /etc/vmware/not_configured, and if it exsist I refuses to start. After er manually removed it and loaded the kernel modules I actually got it all started, installed Windows XP, and rejoiced. It worked!! I could start my virtual machines.

… until my next reboot.

Now the not_configured-file was there again?

After “debugging” the vmware start-script I found that it failed when it bridged my ath0 -> vmnet0. I had also bridged my eth0 -> vmnet2.

I wasn’t able to remove the ath0 -> vmnet0 bridge with (or I couldn’t figure out how), so I uninstalled with and reinstalled, this time not bridgeing ath0. Now it works. Exactly why I doesn’t like my ath0 device seems to be the atheros drivers… but who knows. A search on the words “bridged network ath0” on VMwares forums gives a few resultsI can live with this for now.