[Samba] winbind with NSS backend incorrect convert UIDs to SIDs

[Vladimir Goncharov]

Hi

I have PDC on samba 3.0.10 with LDAP (OpenDirectory on MacOSX). I need configure fileserver(both NFS and SMB) in domain(samba 3.0.25a on Solaris)
Server get NSS information from LDAP(OpenDirectory) and winbind get UIDs from NSS: idmap backend = nss
Users authentication works fine. Users can use shares. I can view ACLs, but can't set it.
log:
> [2007/08/28 16:47:44, 0] smbd/posix_acls.c:create_canon_ace_lists(1423)
>  create_canon_ace_lists: unable to map SID S-1-5-21-3080563779-3861918993-2104958209-3150 to uid or gid.

> homes0# id viruzzz
> uid=1024(viruzzz) gid=80(admin)
Then i try convert my UID to SID
> homes0# wbinfo -U 1024
> S-1-22-1-1024
This SID looks very strange....
> homes0# wbinfo -S S-1-22-1-1024
> Could not convert sid S-1-22-1-1024 to uid
And this SID not converted backward to UID :(

this is my config:
> [global]
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> debug level = 3
> idmap domains = default appek
> idmap backend = nss
> workgroup = appek
> netbios name = filebox
> server string = Homes
> load printers = no
> inherit acls = Yes
> map acl inherit = Yes
> nt acl support = yes
> max log size = 500
> security = domain
> password server = xsrv
> encrypt passwords = yes
> unix charset = UTF-8
> delete readonly = no
> dns proxy = no
> wins server = 192.168.8.3
> name resolve order = wins lmhosts host bcast
> log file = /opt/samba/var/log.%m_%U
> local master = yes
> domain master = no 
> preferred master = no 
> host msdfs = yes

Sorry for my english.