[Samba] nss_winbind does not recognize group membership
petert at dcn.infos.ru
Mon Jul 24 11:21:30 GMT 2006
There is FreeBSD-6.1 box with gcc 3.4.4 compiler (the default).
The box is a member of an ADS domain. Everything was working perfectly with
After upgrading it to samba-3.0.23_1 from FreeBSD ports collection, the
following problem appeared.
The system does not seem to recognize that a user is a member of some domain
group, and does not grant him
appropriate permissions. For example, there is a directory test
#ls -al /tmp
drwxrwx--- 2 bill DOMAINNAME/algocod 512 Jul 24 14:16 test
#ls -anl /tmp
drwxrwx--- 2 20004 20014 512 Jul 24 14:16 test
There is a user jim who is a member of DOMAINNAME/algocode
#wbinfo -n jim
# wbinfo --user-domgroups S-1-5-21-2532163386-3195846559-1994112731-1107
# wbinfo -s S-1-5-21-2532163386-3195846559-1994112731-1144
# wbinfo -r jim
User jim should be able to read from test, and this was the case with
But now (with samba-3.0.23_1) it does not work:
jim$ ls /tmp/test/
ls: : Permission denied
However, jim is able to read from a directory which is owned by him.
log.winbindd contains a lot of messages like
[2006/07/24 15:12:19, 0] nsswitch/winbindd.c:request_len_recv(517)
request_len_recv: Invalid request size received: 1836
sizeof(winbindd_request) appears to be equal to 1840.
On the other hand, pam_winbind seems to work perfectly.
The version of nss library seems to be the same as the one of winbindd.
# ls -al /usr/local/lib/nss*
-r-xr-xr-x 1 root wheel 16664 Jul 24 13:39
-r-xr-xr-x 1 root wheel 748308 Jul 24 13:39 /usr/local/lib/nss_wins.so.1
# ls -al /usr/local/sbin/winb*
-rwxr-xr-x 1 root wheel 2129111 Jul 24 13:39 /usr/local/sbin/winbindd
My nsswitch.conf file looks as follows:
group: files winbind #compat
hosts: files dns
passwd: files winbind #compat
Does anybody know what does this all mean and how can it be fixed?
Many thanks in advance.
With best regards,
More information about the samba