[Samba] RE: To winbind or not to winbind.

[Chavez, James R.]

-----Original Message-----
From:
samba-technical-bounces+james.chavez=sanmina-sci.com at lists.samba.org
[mailto:samba-technical-bounces+james.chavez=sanmina-sci.com at lists.samba
.org] On Behalf Of William Jojo
Sent: Wednesday, March 11, 2009 3:51 PM
To: samba-technical at samba.org
Subject: To winbind or not to winbind.


The subject pretty much says it all. I know that I need winbindd when
running Samba in ADS mode as a DMS to AD, otherwise nothing works right.

I was playing in Ubuntu 8.04.2 which has 3.0.28a (trying to stay pure on
this box) default winbindd on. Well, when I try to set ACLs on a file
(ext3, ea support on, acls and extended_xattr) with winbind on I get no
error when I apply the change, but the Windows XP side shows no change
but the Samba log shows:

[2009/03/11 18:39:22, 0] smbd/posix_acls.c:create_canon_ace_lists(1438)
  create_canon_ace_lists: unable to map SID
S-1-5-21-XXXXXXXXXXXX-XXXXXXXXXXX-XXXXXXXXXXXX-1412 to uid or gid.

Then I turn winbindd off and everything is perfect - no problems, acl is
applied and the refresh on the Windows side concurs with the Ubuntu
side.


Is this by design? I always thought that winbindd running was not a
hindrance, util now. In fact I thought I recalled a few threads where is
was recommended that winbindd run no matter what your setup.

Can someone elaborate or point to a place where I missed the
elaboration?


:-) :-)

Cheers,
Bill 

_____________

Don't mean to jump on this but... is it necessary or recommended to have
Winbind running when your box is acting as an ADS member server?
You say nothing works right? Maybe this is the cause of some of the
inermittent issues I have..
Can anyone elaborate. I thought I did not need Winbind..I do not use it
and everything seems to work great but from time to time I get no
password server available to validate. Might not be related..

Thanks
James

CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail message, you are hereby notified that any dissemination, distribution or copying of this e-mail message, and any attachments thereto, is strictly prohibited.  If you have received this e-mail message in error, please immediately notify the sender and permanently delete the original and any copies of this email and any prints thereof.
ABSENT AN EXPRESS STATEMENT TO THE CONTRARY HEREINABOVE, THIS E-MAIL IS NOT INTENDED AS A SUBSTITUTE FOR A WRITING.  Notwithstanding the Uniform Electronic Transactions Act or the applicability of any other law of similar substance and effect, absent an express statement to the contrary hereinabove, this e-mail message its contents, and any attachments hereto are not intended to represent an offer or acceptance to enter into a contract and are not otherwise intended to bind the sender, Sanmina-SCI Corporation (or any of its subsidiaries), or any other person or entity.