[PATCH] winbindd: error handling in rpc_try_lookup_sids3()

Stefan Metzmacher metze at samba.org
Tue Apr 4 12:13:37 UTC 2017

Am 04.04.2017 um 12:50 schrieb Ralph Böhme via samba-technical:
> On Mon, Apr 03, 2017 at 11:49:36AM -0700, Jeremy Allison wrote:
>> Ralph, trying to push and I'm getting:
>> [655(3442)/2083 at 1h12s] idmap.alloc(ad_member_rfc2307)
>> Domain SAMBADOMAIN has SID S-1-5-21-3583314470-906957706-621714972
>> id: 66666: no such user
>> failed to call wbcStringToSid: WBC_ERR_INVALID_SID
>> Could not lookup sid S-1-5-21-3583314470-906957706-621714972\66666
>> Using non-existing SID S-1-5-21-3583314470-906957706-621714972-66666 to check no id allocation is done by the backend
>> wbinfo returned: S-1-5-21-3583314470-906957706-621714972-66666 -> uid/gid 1166666
>> UNEXPECTED(failure): idmap.alloc.wbinfo SID to xid returns unmapped for unknown SID(ad_member_rfc2307)
>> REASON: Exception: Exception:
>> Can you take a look (sorry).
> sorry for the hassle! Was only running make test TESTS=wbinfo on the last
> incarnation as I already have full private autobuilds running with additional
> sids2xids patches on top.
> The good thing is, that this actually found another hidden small bug. Patch 4/5
> fixes it.

Please don't push this, it's the wrong fix.

The fundamental problem is that I didn't understood that
find_lookup_domain_from_sid() always returns the primary domain
for all remote domains when we discussed commit

We need to use find_domain_from_sid_noinit() to get a possible fallback
for the domain name if wb_lookupsid_recv() fails.
state->single_domains[state->single_sids_done] is most likely wrong.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20170404/db259a9f/signature.sig>

More information about the samba-technical mailing list