[Samba] Domain membership problem in OpenSuse 10.2

[Prajjwal P. Devkota]

Dear Everyone,

I am trying to use an OpenSuse 10.2 computer on a Windows 2000 domain
using winbind authentication (join to domain).  I added a few lines to
the smb.conf for extracting sfu attributes, and my smb.conf looks like
this:
[global]
                idmap backend = ad
                idmap gid = 1000-100000
                idmap uid = 1000-100000
                winbind uid = 16777216-33554431
                winbind gid = 16777216-33554431
                password server = dell.umn.org.np
                realm = UMN.ORG.NP
                workgroup = HQ
                security = ADS
                template homedir = /home/%D/%U
                template shell = /bin/bash
                usershare allow guests = No
                winbind refresh tickets = yes
                winbind cache time = 3600
                workgroup = HQ
                winbind use default domain = yes
                winbind enum users = Yes
                winbind enum groups = Yes
                winbind nested groups = Yes
                winbind nss info = sfu
                winbind offline logon = Yes
                winbind use default domain = yes
                debuglevel = 4
                log level = 4

I was able to easily view users and groups on the domain, and the group
info would be extracted easily.

I recently applied available patches to the computer, because there were
some issues with cdrom access for domain users, and Ximian evolution
connection to Microsoft exchange that went away only on updating.

However, now I can see uids for users, but the gids are not getting
resolved.  I am attaching sample output below:
        opensuse:~ # id prajjwal
        uid=10000(prajjwal) gid=10000
        groups=10000,10032,10133,10002,10117
        opensuse:~ # groups prajjwal
        id: cannot find name for group ID 10000
        10000 id: cannot find name for group ID 10032
        10032 id: cannot find name for group ID 10133
        10133 id: cannot find name for group ID 10002
        10002 id: cannot find name for group ID 10117
        10117

As samba-client and samba-winbind on the server were 3.0.23 even on
updating, I even tried manually downloading the latest rpms from the
opensuse ftp site and installing them.  However, my problem still
remains.  My installed samba packages are listed below:

        opensuse:~ # rpm -qa|grep samba
        kdebase3-samba-3.5.5-78
        yast2-samba-client-2.14.4-3
        yast2-samba-server-2.14.3-10
        samba-client-3.0.24-12.1.55
        samba-winbind-3.0.24-12.1.55

Extra information:

wbinfo -u and wbinfo -g both return proper domain user and group
listings.  wbinfo -p also returns a successful result.

After doing getent group for a particular group, then that group can get
resolved.  For example, continuing on the information provided above:
        opensuse:~ # getent group 'Domain Users'
        domain users:x:10000:guest
        opensuse:~ # groups prajjwal
        id prdomain users id: cannot find name for group ID 10032
        10032 id: cannot find name for group ID 10133
        10133 id: cannot find name for group ID 10002
        10002 id: cannot find name for group ID 10117
        10117
        opensuse:~ # id prajjwal
        uid=10000(prajjwal) gid=10000(domain users) groups=10000(domain
        users),10032,10133,10002,10117

As you can see, now the uid 10000 is resolved as Domain users, while
other groups are still not resolved.

All the other linux computers on my domain are running fine: I have got
centos 4, fedora core 5, and opensuse 10.2 running.

Can anyone help me get this problem sorted out?

Thanks a lot,
Prajjwal