[Samba] winbind: group name doesn't map to a SID, but gid does

[Jonathan C. Detert]

I'm using winbind v3.0.22 on Debian Linux as a source for nss info.
I have a group that was once known by winbind, but is no more:

------ beging shell except ------
# ls -ld ./
drwxrws--- 10 root $MND000-TT227MV5K24I 4096 2006-05-10 15:41 ./
#
------ end    shell except ------

It must have been known, as I was the one who chgrp'ed the dir
originally.

I know what the group name is supposed to be.  When I look it up in
MsAD UsersNGroups, I see it has unix attribute gid = 29922.

"wbinfo -G 29922" produces the sid.

"wbinfo -s <thesid>" produces:
        the group's RID shown above, with domain name prefixed, and " 2"
        suffixed.

"wbinfo -n <posixgroupname>" produces:
        "Could not lookup name <posixgroupname>"

Pertinent smb.conf entries:

        winbind enum groups = yes
        winbind enum users = yes
        winbind nested groups = yes
        winbind separator = +
        winbind use default domain = yes
        winbind nss info = sfu
        idmap gid = 500-45000
        idmap uid = 500-45000
        idmap backend = ad

Any idea what is wrong?  I restarted winbind, but that didn't help.  I
stopped winbind, removed the winbindd_idmap.tdb, and then restarted
winbind, but the groupname is still not found.
-- 
Happy Landings,

Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.