[Samba] Winbind issues with UID and GID mappings

john john at gallaghernet.com
Fri May 6 18:50:19 GMT 2005 

I am having issues integrating a FC3 system with AD running on W2k3.  I can not
figure out why the user ID mappings and Group ID mappings are going stale. This
is a generic FC3 install with all of the latest updates.

login as: jgallagh
Sent username "jgallagh"
jgallagh at linman's password:
Last login: Fri May  6 08:14:23 2005 from 192.168.168.2
id: cannot find name for group ID 16777216
[jgallagh at linman ~]$ whoami
jgallagh
[jgallagh at linman ~]$ whoami
jgallagh
[jgallagh at linman ~]$ ssh bill at localhost
You don't exist, go away!
[jgallagh at linman ~]$ ssh jgallagh at localhost
You don't exist, go away!
[jgallagh at linman ~]$ whoami
whoami: cannot find username for UID 16777221
[jgallagh at linman ~]$


This is the log from this morning, I could not log into the system until I ran
both the getent passwd and getent group commands.  Then all worked fine, however
this will only last maybe 5 minutes.  Even when logged into the system after 5
minutes, I run whoami the system complains that it does not know who I am and it
always complains that it does not have the mappings for the group ID.  I believe
this is a winbind error....


login as: root
Sent username "root"
root at linman's password:
Last login: Thu May  5 22:55:44 2005 from 192.168.168.2
[root at linman ~]# ls -al /home/CORP/
total 60
drwxrwxrwx   5 root     root     4096 May  5 23:19 .
drwxr-xr-x   4 root     root     4096 May  5 08:18 ..
drwxr-xr-x   3 bill     16777216 4096 May  5 22:16 bill
-rw-r--r--   1 root     root     4256 May  5 23:27 foo
-rw-r--r--   1 root     root     2800 May  5 23:26 foo2
drwxr-xr-x   3 jgallagh 16777216 4096 May  5 23:18 jgallagh
drwxr-xr-x  12 mgill    16777216 4096 May  5 15:50 mgill
[root at linman ~]# tail -f /var/log/messages

May  6 11:35:51 linman sshd[4472]: Invalid user jgallagh from
::ffff:192.168.168.2
May  6 11:35:57 linman sshd[4472]: Failed password for invalid user jgallagh
from ::ffff:192.168.168.2 port 2235
May  6 11:36:19 linman sshd[4475]: Accepted password for root from
::ffff:192.168.168.2 port 2236
May  6 11:36:48 linman sshd[4472]: Failed password for invalid user jgallagh
from ::ffff:192.168.168.2 port 2235
May  6 11:36:54 linman sshd[4472]: Failed password for invalid user jgallagh
from ::ffff:192.168.168.2 port 2235

[root at linman ~]# getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
dbus:x:81:
floppy:x:19:
vcsa:x:69:
nscd:x:28:
rpm:x:37:
haldaemon:x:68:
utmp:x:22:
netdump:x:34:
slocate:x:21:
sshd:x:74:
rpc:x:32:
rpcuser:x:29:
nfsnobody:x:65534:
mailnull:x:47:
smmsp:x:51:
pcap:x:77:
xfs:x:43:
ntp:x:38:
gdm:x:42:
jgallagher:x:500:
HelpServicesGroup:x:16777220:SUPPORT_388945a0
TelnetClients:x:16777221:
Domain Computers:x:16777219:
Domain Controllers:x:16777218:
Schema Admins:x:16777222:Administrator
Enterprise Admins:x:16777223:Administrator
Cert Publishers:x:16777224:
Domain Admins:x:16777225:Administrator
Domain Users:x:16777216:
Domain Guests:x:16777217:
Group Policy Creator Owners:x:16777226:Administrator
RAS and IAS Servers:x:16777227:HQDC1$
DnsAdmins:x:16777228:
DnsUpdateProxy:x:16777229:
DHCP Users:x:16777230:
DHCP Administrators:x:16777231:
BUILTIN+System Operators:x:16777232:
BUILTIN+Replicators:x:16777233:
BUILTIN+Guests:x:16777234:
BUILTIN+Power Users:x:16777235:
BUILTIN+Print Operators:x:16777236:
BUILTIN+Administrators:x:16777237:
BUILTIN+Account Operators:x:16777238:
BUILTIN+Backup Operators:x:16777239:
BUILTIN+Users:x:16777240:
[root at linman ~]# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
jgallagher:x:500:500:John Gallagher:/home/jgallagher:/bin/bash
administrator:*:16777216:16777216:Administrator:/home/CORP/administrator:/bin/ba
sh
guest:*:16777217:16777217:Guest:/home/CORP/guest:/bin/bash
support_388945a0:*:16777218:16777216:SUPPORT_388945a0:/home/CORP/support_388945a
0:/bin/bash
hqdc1$:*:16777219:16777218:HQDC1:/home/CORP/hqdc1_:/bin/bash
krbtgt:*:16777220:16777216:krbtgt:/home/CORP/krbtgt:/bin/bash
jgallagh:*:16777221:16777216:John E. Gallagher:/home/CORP/jgallagh:/bin/bash
mgill:*:16777222:16777216:Mike Gill:/home/CORP/mgill:/bin/bash
linman$:*:16777223:16777219:linman:/home/CORP/linman_:/bin/bash
bill:*:16777224:16777216:Bill Tester:/home/CORP/bill:/bin/bash

/var/log/secure
May  6 11:37:12 linman sshd[4511]: Accepted password for jgallagh from
::ffff:192.168.168.2 port 2245

/var/log/messages

May  6 11:35:54 linman unix_chkpwd[4474]: check pass; user unknown
May  6 11:35:54 linman sshd(pam_unix)[4472]: authentication failure; logname=
uid=0 euid=0 tty=ssh ruser= rhost=192.168.168.2
May  6 11:35:54 linman pam_winbind[4472]: request failed: Wrong Password, PAM
error was 7, NT error was NT_STATUS_WRONG_PASSWORD
May  6 11:35:54 linman pam_winbind[4472]: user `jgallagh' denied access
(incorrect password or invalid membership)
May  6 11:36:19 linman sshd(pam_unix)[4477]: session opened for user root by
root(uid=0)
May  6 11:36:45 linman pam_winbind[4472]: request failed: Wrong Password, PAM
error was 7, NT error was NT_STATUS_WRONG_PASSWORD
May  6 11:36:45 linman pam_winbind[4472]: user `jgallagh' denied access
(incorrect password or invalid membership)
May  6 11:36:51 linman pam_winbind[4472]: request failed: Wrong Password, PAM
error was 7, NT error was NT_STATUS_WRONG_PASSWORD
May  6 11:36:51 linman pam_winbind[4472]: user `jgallagh' denied access
(incorrect password or invalid membership)
May  6 11:36:55 linman sshd(pam_unix)[4472]: 2 more authentication failures;
logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.168.2  user=jgallagh
May  6 11:37:12 linman sshd(pam_unix)[4511]: authentication failure; logname=
uid=0 euid=0 tty=ssh ruser= rhost=192.168.168.2  user=jgallagh
May  6 11:37:12 linman pam_winbind[4511]: user 'jgallagh' granted access
May  6 11:37:12 linman pam_winbind[4511]: user 'jgallagh' granted access
May  6 11:37:12 linman sshd(pam_unix)[4513]: session opened for user jgallagh by
(uid=0)
[root at linman ~]#

More information about the samba mailing list