[Samba] "gid of user xxx doesn't exist" error repeatedly posted to /var/messages

Fred Nuffer fnuffer at email.arizona.edu
Tue Feb 20 17:34:17 GMT 2007

Hello All,

Samba is posting the following error messages repeatedly during user 

Feb 20 09:35:50 SUMSRVR smbd[27950]: [2007/02/20 09:35:50, 0] 
Feb 20 09:35:50 SUMSRVR smbd[27950]:   get_alias_user_groups: gid of 
user xxx doesn't exist. Check your /etc/passwd and /etc/group files

It does not appear to be causing any problems, just hitting my log files 
fairly often.

I can cause it to cease by mapping the user's private group to a domain 
	# net groupmap add unixgroup=xxx ntgroup=xxx
However, once a user's private group is mapped to a domain group of the 
same name, any attempts to edit the user in User Manager for Domains 
results in the error message "The following error occurred changing the 
properties of user xxx: The group name could not be found."

I can avoid that error message by mapping all users' private groups to 
domain groups that share a name:
	# net groupmap add unixgroup=xxx ntgroup=privategroup
	# net groupmap add unixgroup=yyy ntgroup=privategroup
	# net groupmap add unixgroup=zzz ntgroup=privategroup
This has the unfortunate side effect of making the "delete group script" 
in smb.conf extremely painful, as I must delete group mappings using the 
sid instead of the group name.

Additionally, I can avoid the error message by mapping users' private 
groups to domain groups with similar names:
	# net groupmap add unixgroup=xxx ntgroup=zxxx
The only side effect of this method appears to be populating the group 
display of User Manager for Domains with useless groups.

(Red Hat EL 4)  uname -a: 2.6.9-42.0.8.ELsmp #1 SMP Tue Jan 23 13:01:26 
EST 2007 i686 i686 i386 GNU/Linux
(Samba)	        smbd -V: Version 3.0.10-1.4E.11

smb.conf (sanitized)
# Global parameters
	workgroup = SUMSVR_DOMAIN
	server string = Samba Server for SUMSVR
	interfaces = a.b.c.d
	username map = /etc/samba/smbusers
	private dir = /etc/samba
	passdb backend = tdbsam
	log level = 1
	log file = /var/log/samba/%m.log
	max log size = 50
	deadtime = 15
	logon drive = H:
	logon home = \\%L\%U
	logon path =
	logon script = scripts\%U.vbs
	domain logons = Yes
	os level = 60
	preferred master = Yes
	domain master = Yes
	dns proxy = No
	wins support = Yes
	ldap ssl = no
	passwd program = /usr/bin/passwd %u
	smb ports = 139
	strict locking = no
	lock spin time = 15
	lock spin count = 30
	veto oplock files = /*.mdb/*.MDB/*.xls/*.XLS/*eudora*/
	write cache size = 262144
	passwd chat = *new*password* %n\n*new*password* %n\n *changed*
	check password script = /usr/bin/crackcheck -c -d /usr/lib/cracklib_dict

Any ideas?  Any help would be appreciated.

Best regards,

L. Fred Nuffer
Support Systems Analyst, Senior
Parking and Transportation Services
Email:  fnuffer at email.arizona.edu

More information about the samba mailing list