[Samba] Getent passwd and getent group fail / Samba 3.5.2

Oliver Weinmann oliver.weinmann at vega.de
Tue May 4 02:20:58 MDT 2010 

Hi all,

I just stepped over a problem where I can't add a local user to an AD group. Running getent passwd and getent group doesn't display the AD users. Wbinfo -g and -u work fine. Here is my smb.conf:

[global]
        netbios name = sles11test1
        realm = SOMEDOMAIN.NET
        workgroup = SOMEDOMAIN
        security = ADS
        encrypt passwords = yes
        password server = someserver.somedomain.net
        idmap backend = ad
        idmap config SOMEDOMAIN : backend = ad
        idmap config SOMEDOMAIN : schema_mode = sfu
        idmap config SOMEDOMAIN : range = 0-99999999
        winbind nss info = sfu
        winbind enum users = yes
        winbind enum groups = yes
        winbind offline logon = yes
        preferred master = no
        winbind nested groups = Yes
        winbind use default domain = Yes
        max log size = 50
        log file = /var/log/samba/log.%m
        log level = 3
        dns proxy = no
        wins server = 172.20.200.18 172.18.200.20
        allow trusted domains = No
        client use spnego = Yes
        kerberos method = secrets and keytab
        dedicated keytab file = /etc/krb5.keytab
        winbind refresh tickets = true
        idmap cache time = 1
        idmap negative cache time = 1
        winbind cache time = 1

In the log I get this error when running getent group:

tail -f /var/log/samba/log.winbindd-idmap
  Could not get unix ID
[2010/05/04 10:15:29.444783,  1] winbindd/idmap_ad.c:651(idmap_ad_sids_to_unixids)
  Could not get unix ID

Getent group and passwd works fine e.g. on an old ubuntu install with samba 3.3.2.

So far I have this problem on SLES9 and SLES11.

Oliver Weinmann
Unix and Storage Administrator

VEGA Deutschland GmbH & Co. KG
Europaplatz 5
64293 Darmstadt
Germany
Tel	: +49 (0)6151 8257-0
Fax	: +49 (0)6151 8257-799
Email	: oliver.weinmann at vega.de
Web	: www.vega.de



Registered office/Sitz: Köln, Register court/Registergericht: Köln, HRA 19223; Fully Liable Partner/Persönlich haftende Gesellschafterin: VEGA Deutschland Management GmbH, Registered office/Sitz: Köln, Register court/Registergericht: Köln, HRB 43189; Managing Directors/Geschäftsführer: Kurosch Balali, Sigmar Keller, John Lewis, Manfred Müller

Notice of Confidentiality

This transmission is intended for the named addressee only. It contains information which may be confidential and which may also be privileged.  Unless you are the named addressee (or authorised to receive it for the addressee) you may not copy or use it, or disclose it to anyone else.  If you have received this transmission in error please notify the sender immediately.

More information about the samba mailing list