[Samba] chown/chgrp for winbind users doesn`t work

Marc Muehlfeld Marc.Muehlfeld at medizinische-genetik.de
Thu Mar 8 12:41:02 GMT 2007


I have two Samba Domains and each trust each other (PDCs run 3.0.22). Also
I have a samba member server (3.0.24) that runs winbind. When I use wbinfo
I can see the user and groups of both domains. I also can chown/chgrp
files with users of the domain the server is member of. But I can`t
chown/chgrp with accounts of the trusted domain. chown doesn`t work at
all. chgrp works, but then only the gid (from winbind) is shown:

# chown "TRUSTDOM+muehlfeld" file.txt
chown: `TRUSTDOM+muehlfeld': invalid user

# chgrp "TRUSTDOM+group" file.txt
# ls -la file.txt
-rw-r--r--  1 root 10051 0 Mar  8 12:32 file.txt

I also have a Win2003r2 Member Server. When I add rights to a file for a
user of the trusted domain, I see the name. But when I close the window
and then open it again, the name of the user/group changed into the SID.

So I guess it`s a problem or misconfiguration from the two PDCs, and not
of the member servers.

This are my winbind settings:

        idmap backend = ldap:ldap://
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind separator = +
        winbind enum users = yes
        winbind enum groups = yes
        template homedir = /home/%U
        template shell = /bin/false
        winbind nested groups = yes
        winbind cache time = 300
        winbind nss info = template
        winbind use default domain = yes
        winbind trusted domains only = yes

Any idea what could be wrong?

Also one more question: Any plans, when winbind on a PDC could handle
local users and from the trusted domains?

Best regards
Marc Muehlfeld

Marc Muehlfeld
Zentrum fuer Humangenetik und Laboratoriumsmedizin Dr. Klein und Dr. Rost
Lochhamer Str. 29 - D-82152 Martinsried
Telefon: +49(0)89/895578-0 - Fax: +49(0)89/895578-78

More information about the samba mailing list