[Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

Ben Tisdall ben at redcircleit.com
Mon Jan 19 16:58:36 GMT 2009


Something is not right with the group mapping, but I am unsure what.

getent returns different a primary GID for a given user on each box and
the group mapping differs in each case:

Box A:

//user at host//:~$ getent group 10012
OURDOMAIN\domain users:*:10012:

Box B:

//user at host//:~$ getent group 10004
OURDOMAIN\domain users:*:10004:

When I do a long file listing winbindd is printing stuff like this:

[14855]: getpwuid 10082
Added timed event "async_request_timeout": 2ae2266d45b0
child daemon request 51
timed_events_timeout: 299/999987
process_request: request fn DUAL_UID2SID
[14254]: uid to sid 10082
uid = [10082]
Cache entry with key = IDMAP/UID/10082 couldn't be found
Query backends to map ids->sids
Query sids from domain OURDOMAIN
Fetching record UID 10082
Record UID 10082 not found
Query sids from domain SAMBASERVER
pdb_default_uid_to_rid: host has no idea of uid 10082
Storing response for pid 14257, len 3240
Destroying timed event 2ae2266d45b0 "async_request_timeout"
Retrieving response for pid 14257
uid2sid_recv: uid 10082 has sid S-1-22-1-10082
Could not find domain for sid S-1-22-1-10082



Ben Tisdall wrote:
> Hi all,
> 
> I have an odd situation on my hands:
> 
> * Two CentOS 5.2 boxes both joined to an AD domain.
> 
> * Same samba version (3.0.28-1.el5_2.1) smb.conf, only the netbios names
> differ
> 
> * Can enumerate users and groups using winbind -{u,g} on both.
> 
> * nss doesn't enumerate users & groups on one (same lib versions, same
> conf file).
> 
> //bentis at testukmcsstor1//:~$ rpm -qa | grep nss-
> nss-tools-3.12.2.0-2.el5.centos
> nss-3.12.2.0-2.el5.centos
> pkinit-nss-0.7.3-1.el5
> nss-3.12.2.0-2.el5.centos
> 
> Looks like this may be more of a libnss problem than a samba one, but
> can anyone suggest how I can start to troubleshoot?
> 
> Thanks in advance,
> 
> Ben Tisdall
> 
> 
> 
> 
> 
> 



More information about the samba mailing list