winbind wbcGetpwnam WBC_ERR_DOMAIN_NOT_FOUND
samba at tlinx.org
Wed Aug 24 00:14:22 MDT 2011
Shirish Pargaonkar wrote:
> A call to wbcGetpwnam() with BUILTIN\Administrators
> name (string) returns error 7 (WBC_ERR_DOMAIN_NOT_FOUND).
> I tried just Administrators and got the same error.
> Same error with user (string) Everyone also.
I've noticed this problem as well...
In fact, every one of the well-known addresses that I manually added
(and are still listed, and mapped to local groups) are unavailable
for use at any client. Very sad since I went to the trouble
of creating all the local groups for these that Samba refuses to
return them even though they are defined.
Is this something else that needs a patch?
This is what I see for a net groupmap list (massaged a bit...):
GID |UnixGroup |NTGroup |Grp_Type |SID
--- |--------- |-- ------- |-------- |---
513 |Domain Users |Domain Users
516 |Domain Controllers |Domain Controllers
551 |Backup Operators |Backup Operators
547 |Power Users |Power Users
517 |Cert Publishers |Cert Publishers
552 |Replicators |Replicators
544 |Administrators |Administrators
514 |Domain Guests |Domain Guests
548 |Account Operators |Account Operators
518 |Schema Admins |Schema Admins
10123 |BUILTIN\ras servers |RAS Servers |Local
512 |Domain Admins |Domain Admins
515 |Domain Computers |Domain Computers
500 |Domain Administrator |Domain Administrator
550 |Print Operators |Print Operators
546 |Guests |Guests
501 |Domain Guest |Domain Guest
519 |Enterprise Admins |Enterprise Admins
Yet clients only see 'RAS Servers' out of these groups.
Before, when I had 'trusted domains only' turned on, I believe
that caused a problem showing my own groups as well as the
BUILTIN groups, as my domain's name is mixed case,
and samba doesn't play the way Windows does with such...
So (upper+lower case domain) 'Bliss' couldn't talk to
'BLISS or BUILTIN but instead looked for '*' ...which was
Started happening in 3.6 due to change in backend...
continued to happen in 3.5.10, due to mangled DB...
which seems like there are no tools to unmangle.
Like a way to set 'user' <-> 'uid' <-> SID
mappings in samba?
Seems like a basic. It's there for groups (though they aren't
(under what we love about the M5 and Samba probs, even though there's
"no off switch" they both keep on going...(still resolving my SID->UID,
just no usernames))...which means file serving is still working just can't
do much w/changing permissions on things...).
More information about the samba-technical