winbind, uid.c, Take Ownership and local samba users... something's fishy

jtrostel at jtrostel at
Thu Sep 27 14:44:26 GMT 2001

Yeah... there seems to be something strange going on here.

debug statements in samba show the following values:

global_myworkgroup => CEO
global_myname => JTSDEVEL

These are the domain and machine name (respectively) for the SAMBA server.

_lsa_unk_get_connuser username => jt
_lsa_unk_get_connuser domain   => JTSNT

These are the _workgroup_ and username for the user connecting to SAMBA.

When I get passed into uid.c/lookup_name, winbind _thinks_ it finds a domain
name (it appears):
        lookup_name (winbindd): CEO\jt -> SID S-1-5-21-.... (type 8)

The problem is that there is no user 'jt' in the CEO domain.  When I run
'getent passwd' on the SAMBA server, I get:


with NO CEO+jt in the list.

It looks like winbind_lookup_name succeeds with CEO\jt instead of failing... It
looks like it _should_ fail if the code lower down in uid.c is going to
validate the user 'jt' locally....

I'll look at this a bit more... but it's getting late here now.

On 27-Sep-2001 David Almeida wrote:
> The Explorer after it issues a LSA_UNK_CONN_USR takes the DOMAIN/user string
> from that call and issues a subsequent LSA_LOOKUP_NAMES call. In the
> relevant thread the function lookup_name in uid.c passes the LOOKUP names
> command to the Winbindd Daemon for process to the PDC. If the PDC does not
> return a valid RID, then the code then examines the local database for a
> match. If this fails, then an Unknown user error message is passed back to
> the explorer. Hence the message you see.
> Dave Almeida

John M. Trostel
Senior Software Engineer
Quantum / SnapAppliances
jtrostel at

More information about the samba-technical mailing list