[Samba] wbinfo works fine, getent only works for builtin groups
Robert Fraser
rab.fraser at gmail.com
Mon Aug 25 13:02:32 GMT 2008
Hi
I am having a lot of trouble getting users from a trusted domain to access
shares and files. getent passwd / get group doesn't retrieve domain users
or groups, so I can't set permissions for the users or groups from the
trusted domain
The domain having problems is:
Ubuntu 6.06 Server
Samba Version 3.0.22
The trusted domain is:
Ubuntu 8.04 Server
Samba Version 3.0.28a
wbinfo -u and wbinfo -g work fine and bring up a list of the trusted domain
users and groups
wbinfo --sid-to-name=SID, --authenticate=user%password, -t,
--trusted-domains all work fine for the local domain and the trusted domain
When I do a getent passwd, I only get the local /etc/passwd users
When I do a getent group, I get the local /etc/group groups, and the
BUILTIN\administrators and BUILTIN\users
After a getent, log.winbind is full of entries like this:
[2008/08/26 00:29:10, 10] nsswitch/winbindd_group.c:winbindd_getgrent(1006)
SID S-1-5-21-2824201121-3407686785-855272569-3033 not in idmap
[2008/08/26 00:29:10, 1] nsswitch/winbindd_group.c:winbindd_getgrent(1011)
could not look up gid for group CADUsers
[2008/08/26 00:29:10, 10] nsswitch/winbindd_group.c:winbindd_getgrent(961)
entry_index = 3, num_entries = 8
[2008/08/26 00:29:10, 10]
nsswitch/idmap_cache.c:idmap_cache_set_negative_sid(258)
Adding cache entry with key =
IDMAP/SID/S-1-5-21-2824201121-3407686785-855272569-3039; value =
1219667470/IDMAP/NEGATIVE and timeout = Tue Aug 26 00:31:10 200
8 (120 seconds ahead)
[2008/08/26 00:29:10, 10] nsswitch/winbindd_group.c:winbindd_getgrent(1006)
SID S-1-5-21-2824201121-3407686785-855272569-3039 not in idmap
[2008/08/26 00:29:10, 1] nsswitch/winbindd_group.c:winbindd_getgrent(1011)
could not look up gid for group dundirectors
[2008/08/26 00:29:10, 10] nsswitch/winbindd_group.c:winbindd_getgrent(961)
entry_index = 4, num_entries = 8
[2008/08/26 00:29:10, 10]
nsswitch/idmap_cache.c:idmap_cache_set_negative_sid(258)
Adding cache entry with key =
IDMAP/SID/S-1-5-21-2824201121-3407686785-855272569-513; value =
1219667470/IDMAP/NEGATIVE and timeout = Tue Aug 26 00:31:10 2008
(120 seconds ahead)
[2008/08/26 00:29:10, 10] nsswitch/winbindd_group.c:winbindd_getgrent(1006)
SID S-1-5-21-2824201121-3407686785-855272569-513 not in idmap
[2008/08/26 00:29:10, 1] nsswitch/winbindd_group.c:winbindd_getgrent(1011)
could not look up gid for group Domain Users
[2008/08/26 00:29:10, 10] nsswitch/winbindd_group.c:winbindd_getgrent(961)
entry_index = 5, num_entries = 8
[2008/08/26 00:29:10, 10]
nsswitch/idmap_cache.c:idmap_cache_set_negative_sid(258)
Adding cache entry with key =
IDMAP/SID/S-1-5-21-2824201121-3407686785-855272569-3029; value =
1219667470/IDMAP/NEGATIVE and timeout = Tue Aug 26 00:31:10 200
8 (120 seconds ahead)
Can anyone suggest what I can do to fix this?
Thanks for any help
Rob
More information about the samba
mailing list