[Samba] winbind gives differnt results depending on "winbind trusted domains only"

Andrew Watkins andrew at dcs.bbk.ac.uk
Wed Nov 2 17:47:10 GMT 2005 

Just notice a problem/bug with "winbind trusted domains only" and "getent passwd".

I get diffent results depending on the value of "winbind trusted domains only".

I.e.

Option 1 (NOT CORRECT!)
=======================
winbind trusted domains only = yes

# /usr/local/samba/bin/wbinfo -u | head -2
aabal01
aabed01

# /usr/local/samba/bin/wbinfo -u | wc
    5411    5411   42854
    

    
# getent passwd | wc
    4105   22082  356529	-- "which is ypcat passwd + /etc/passwd"
	

Option 2 (CORRECT!)
===================
winbind trusted domains only = no

# /usr/local/samba/bin/wbinfo -u | head -2
DCSNT\aabal01
DCSNT\aabed01


# /usr/local/samba/bin/wbinfo -u | wc
    5411    5411   42854
    
# getent passwd | wc
    9516   39948  807415  -- "which is ypcat passwd + /etc/passwd + wbinfo"
	

My smb.conf:
chaos# cat /usr/local/samba3020b/lib/smb.conf
[global]
        debuglevel = 1
        comment = %h Samba %v
        server string = %h Samba %v
        workgroup = DCSNT
        #realm = dcs.bbk.ac.uk
        hosts allow = 193.61.29. 193.61.28. 193.61.44.
        hosts deny = 0.0.0.0/0
        locking = yes
        password level = 10
        domain master = no
        local master = no
        os level = 80
        wins support = no
        wins server = 193.61.29.179
        password server = eros hades
        #security = ADS
        security = domain
        encrypt passwords = yes
        preserve case = yes
        short preserve case = yes
        nt acl support = Yes
        #invalid users = root
        #printer admin = andrew,root
        load printers = no
        #use client driver = Yes
        printcap name= lpstat
# Kill sess ion after 60min idle
        deadtime = 60
        #idmap backend = idmap_ad
        #winbind nss info = sfu
        winbind trusted domains only = yes
# idmap
        idmap uid = 60000-80000
        idmap gid = 60000-80000
        #winbind enum users = yes
        #winbind enum groups = yes
        template homedir = /home/winnt/%D/%U
        template shell = /bin/bash

[homes]
        path = %S
        browseable = no
        guest ok = no
        read only = no

[home]
        path = %H
        browseable = no
        guest ok = no
        read only = no

[tmp]
        path = /var/tmp
        browseable = yes
        guest ok = no
        read only = no

Any ideas

Andrew Watkins

More information about the samba mailing list