[Samba] Problem with winbind's NSS module losing name mappings

Mike Crawford mcrawford at somat.com
Fri Aug 1 19:13:59 GMT 2008

I'm having an odd problem with the winbind NSS module losing name to  
ID number mappings after time, and I'm not sure where to look from here.

The setup is an Windows 2000 (SBS) setup as an AD domain server, and  
an Ubuntu 7.10 joined to the AD using winbind as a member server.

Authentication and name-to-ID mappings work great, and I never have  
any problems with authentication at all, but after anywhere from 20  
minutes to 2 hours of being logged in UIDs and GIDs are no longer  

It used to be that if I logged out and back in, everything would be  
okay, but now it will resolve the name-to-ID mapping for the UID, but  
some of the GID mappings don't come up.  I've enabled RID, and all the  
ID mappings are consistent, so it never gives me a different one.   
I've tried it both with and without nscd, just to see if the caching  
daemon would help.

I've enabled detailed logging in the past, but haven't been able to  
find anything that would even seem like it'd be this problem.

Any help or direction in this problem would be greatly appreciated.

smb.conf: http://pastebin.com/m3e7122a3

nsswitch.conf: http://pastebin.com/d108e369a

More information about the samba mailing list