[Samba] wbinfo not looking up groups in mixed MS NT/2k AD
Marcello Mezzanotti
marcello.mezzanotti at gmail.com
Fri Oct 14 20:31:25 GMT 2005
On Fri, 2005-10-14 at 10:14 -0300, Felipe Augusto van de Wiel wrote:
>
> Never saw this problem before, but looking at the logs,
> looks like your group entry does not have the proper field set,
> or the field is not right, in other words, it does not start
> with a "S-" like all the SID's.
>
> It is not much help, but perhaps could be a start,
> good luck! Kind regards,
3 brazilian guys talking in english :)
i have this problem too, i had squid auth on an AD for a long time but
suddenly this weekend, this kind of problem starts to occurs here, i
have squid using ntlm_auth restricting access to some groups, if in
ntlm_auth i substitute group name by SID itself, it works fine, i
believe other people out there have the same problem
some experience from myself
/usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
--require-membership-of=VILLAS+SQUID
USER PASSWORD
[2005/10/10 12:18:53, 0]
utils/ntlm_auth.c:get_require_membership_sid(237)
Winbindd lookupname failed to resolve VILLAS+SQUID into a SID!
ERR
/usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
--require-membership-of=S-1-5-21-1390067357-573735546-682003330-1524
USER PASSWORD
OK
[root at netuno root]# wbinfo -n "marcello.mezzanotti"
S-1-5-21-1390067357-573735546-682003330-1316 User (1)
[root at netuno root]# wbinfo -n "Domain Users"
Could not lookup name Domain Users
[root at netuno root]# wbinfo -g | grep Domain
Domain Computers
Domain Controllers
Domain Admins
Domain Users
Domain Guests
Exchange Domain Servers
RTCHSDomainServices
RTCDomainServerAdmins
RTCDomainUserAdmins
[root at netuno root]# getent group | grep Domain
Domain Computers:x:10006:
Domain Controllers:x:10009:
Domain
Admins:x:10003:marcello.mezzanotti,eduardotec,alexandreb,Administrator
Domain Users:x:10000:cristinag
Domain Guests:x:10014:Guest
Exchange Domain Servers:x:10017:MARTE$,MAIL$
RTCHSDomainServices:x:10008:
RTCDomainServerAdmins:x:10030:
RTCDomainUserAdmins:x:10031:
--
Marcello Mezzanotti <marcello.mezzanotti at gmail.com>
Information Security
UNIX / Linux / *BSD
More information about the samba
mailing list