[Samba] [IDMAP AD] Strange questions on uid/gid resolution.

Chun Kit Hui huichunkit.list at gmail.com
Tue Aug 22 16:16:12 GMT 2006 

Dear all,


I am using Win2003 with SFU 3.5 (not R2) as domain controller. I enabled the
UNIX attributes of several users and groups. I use idmap = ad to connect to
my Win2003 box and setup the winbind / nss accordingly. wbinfo -u / -g work
fine, getent passwd / group works fine, chown works fine, id <username>
works fine. But when I tries to use ls or groups <username>, it returns the
error "id: cannot find name for <GROUP>" and ls just shows the uid/gid
instead of the name.

Any ideas?

The config files / output are as follow:

Platform:
Debian sarge
samba from backports.org

samba version (smbd -V):
Version 3.0.22

smb.conf
idmap backend = ad:ldap://192.168.0.201
idmap uid = 50000-51000
idmap gid = 50000-51000
template shell = /bin/bash
template homedir = /home/%U
#winbind trusted domains only = Yes
winbind use default domain = yes
winbind nested groups = Yes
#winbind separator = "\"
winbind cache time = 10
winbind enum groups = Yes
winbind enum users = Yes
winbind nss info = template sfu

/etc/nsswitch.conf:
passwd:         compat winbind
group:          compat winbind
shadow:         compat

wbinfo -u:
Administrator
Guest
DC1$
krbtgt
testuser01
fileserver$
PC1$
PC2$
testuser02
testuser03

wbinfo -g:
HelpServicesGroup
TelnetClients
Domain Computers
Domain Controllers
Schema Admins
Enterprise Admins
Cert Publishers
Domain Admins
Domain Users
Domain Guests
Group Policy Creator Owners
RAS and IAS Servers
DnsAdmins
DnsUpdateProxy
WINS Users
Local_Staff
IT_Team
Counselling_Team
PasswordPropDeny

getent passwd:
administrator:x:10002:10002:Administrator:/home/administrator:/bin/sh
testuser01:x:10000:10002:User 01:/home/testuser01:/bin/sh
testuser02:x:10001:10002:User 02:/home/testuser02:/bin/sh
testuser03:x:10003:10002:User 03:/home/testuser03:/bin/sh

getent group:
Domain Users:x:10002:
Local_Staff:x:10004:testuser02
IT_Team:x:10000:

chown and chgrp succeeds

ls /home:
drwxr-xr-x   5 10000 10000  4096 2006-08-22 23:50 testuser01
drwxr-xr-x   3 10001 10000  4096 2006-08-22 11:31 testuser02
drwxr-xr-x   2 10003 10000  4096 2006-08-23 00:13 testuser03

groups testuser01:
id: cannot find name for group ID 10002


Sorry for a very very long appendix. :P
Any help will be highly appreciated!

Jacky in desperate

More information about the samba mailing list