[Samba] Does not belong to our domain - messages

Wojciech Giel wojtekgiel at gmail.com
Mon Oct 18 03:45:31 MDT 2010 

Hello,
I have samba 3.4.8 sernet PDC and BDC with ldap backend on debian lenny. I
have joined a while ago two samba member server on opensolaris (3.0.37 and
3.0.34). Everything worked fine even now is working but from last week after
reboot of both samba members in winbind logs appear these messages after
invoking wbinfo -u:

# wbinfo -u
root
nobody
daniel
wojciech
chris
jan
...


# tail /varlog/samba/winbind.log
....
[2010/10/18 09:53:25, 0] passdb/pdb_ldap.c:(4216)
  sid S-1-5-21-2622244236-1008294448-3155893552-101348 does not belong to
our domain
[2010/10/18 09:53:25, 0] passdb/pdb_ldap.c:(4216)
  sid S-1-5-21-2622244236-1008294448-3155893552-103006 does not belong to
our domain
[2010/10/18 09:53:25, 0] passdb/pdb_ldap.c:(4216)
  sid S-1-5-21-2622244236-1008294448-3155893552-103004 does not belong to
our domain

What might be a problem?

thanks in advance.


My member server smb.conf
[global]

        workgroup = TEST
        netbios name = THOR
        server string = Samba Member Server v.%v
        enable privileges = yes
        username map = /etc/sfw/smbusers
        name resolve order = wins hosts bcast
        dns proxy = yes

        log file = /var/log/samba/%m.log
        max log size = 50
        syslog = 0
        log level = 1
        utmp = Yes

        security = domain
        encrypt passwords = true

        interfaces = aggr0, lo
        keep alive = 60
        wins server = 192.168.1.3
        winbind trusted domains only = yes

        allow trusted domains = yes

        passdb backend = ldapsam:"ldap://ravenfield.test.local
ldap://ravenhill.test.local"
        ldap suffix = dc=dil,dc=edu
        ldap user suffix = ou=People
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=Computers
        ldap idmap suffix = ou=Idmap
        ldap admin dn = uid=samba,ou=DSA,dc=dil,dc=edu
        idmap backend = ldap:"ldap://ravenfield.test.local
ldap://ravenhill.test.local"
        idmap uid = 10000-20000
        idmap gid = 10000-20000

        acl check permissions = false
        map read only = yes
        map archive = no
        map system = no
        nt acl support = true
        create mask = 0700
        directory mask = 0700

        unix charset = LOCALE
        display charset = LOCALE

[homes]
        comment = Home Directories
        path = /home/%U
        read only = no
        browsable = no
        hide files = /*.ini/

More information about the samba mailing list