[Samba] could not read attribute 'msSFU30UidNumber'

Joshua Rusch samba at strongwords.org
Fri Oct 20 19:46:13 GMT 2006


I'm using samba 3.0.23c, and having a bit of trouble getting it to play nice 
with my active directory. I'm using Windows Small Business Server 2003 with 
the SFU 3.5 NIS server/schema extensions installed. I have samba configured 
to use ad as the idmap backend, and sfu for nss info. 

When running getent passwd, only a few active directory users show up, and I 
get lots of errors like this in my winbind log: 

[2006/10/20 15:33:49, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309)
 ad_idmap_get_id_from_sid: ads_pull_uint32: could not read attribute 
[2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(85) 
error getting user id for sid S-1-5-21-1020778807-1917943211-1564386419-1158
[2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_getpwent(711)
 could not lookup domain user TestUser 

wbinfo -u prints out all my users
wbinfo -g prints out all my groups
getent group prints out all my groups and their unix IDs
getent -r username seems to get the correct user group unix ids for all the 
users, even the ones that don't see to be able to have their SID converted 
to a UID. 

Anyone have any ideas? 

The most relevant section of my smb.conf is 

encrypt passwords = yes
  idmap uid = 10000-20000
  idmap gid = 10000-20000
  idmap backend = ad
  winbind enum users = yes
  winbind enum groups = yes
  winbind nss info = sfu
  winbind use default domain = yes
  winbind separator = # 

Let me know what other information I can provide if I've left something 
relevant out. 



More information about the samba mailing list