Is there some way to force winbindd to use msrpc rather than ads?

Michael Adam obnox at
Tue Jun 4 14:54:55 MDT 2013

Hi Richard,

On 2013-06-04 at 12:04 -0700, Richard Sharpe wrote:
> On Mon, Jun 3, 2013 at 10:13 PM, Volker Lendecke
> <Volker.Lendecke at> wrote:
> > On Mon, Jun 03, 2013 at 09:25:07PM -0700, Richard Sharpe wrote:
> >> Hi folks,
> >>
> >> I am having a problem were we cannot use ADS for querying the DCs but
> >> winbinds seems to always want to do that. This causes the following
> >> problems:
> >
> > winbind rpc only = yes
> Thank you. This works, but there is one unusual aspect.
> On two machines with the same code I see differing results when I use
> 'wbinfo -i SOMEDOM\\someuser'.
> While authentication now works (when it didn't before adding that
> parameter) on one machine the above wbinfo command works for all the
> cases I have tried, while on the other machine it does not work for
> any account. It gives me:
> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
> Could not get info for user CENSORED_DOM\CENSORED_USER

What is the difference between the two machines?
Could you describe in a little more detail what the
setups are? smb.conf, domain setup, etc.
Are the two machines joined to the same domain? ...

> The user does, however, exist, and the domain and user used are the
> same on each machine.
> Why might this be? Does the wbinfo command use different pathways than
> what smbd does?

Well the wbinfo -i is mostly what is used for the
implementation of the getpwnam command in libnsswinbind.
smbd uses other codepaths for most purposes (since it
rarely needs to take all the roundtrips that are implied
by the nss interface).

Cheers - Michael

More information about the samba-technical mailing list