[Samba] Samba 3.6.0: unable to list Active Directoy users "WBC_ERR_DOMAIN_NOT_FOUND"

Mon Aug 15 09:57:40 MDT 2011

I am also experiencing the same problems.  I am running 3.6 on AIX 6.1.  I do have a 3.5.8 installation running without problem (I understand some major changes have happened.)  I took the smb.conf from my 3.5.8 install and changed appropriately for 3.6 (At least as far as I catell).

I followed the steps Michael posted on the bug report.

/usr/local/samba/bin/wbinfo -t
checking the trust secret for domain MYDOMAIN via RPC calls succeeded

/usr/local/samba/bin/wbinfo -n MYDOMAIN+peacocjo
S-1-5-21-4260745004-1716061493-1944009462-4325 SID_USER (1)

/usr/local/samba/bin/wbinfo -s S-1-5-21-4260745004-1716061493-1944009462-4325
MYDOMAIN+peacocjo 1

/usr/local/samba/bin/wbinfo -S S-1-5-21-4260745004-1716061493-1944009462-4325
failed to call wbcSidToUid: WBC_ERR_WINBIND_NOT_AVAILABLE Could not convert sid S-1-5-21-4260745004-1716061493-1944009462-4325 to uid

I have the logs if you would like me to attach them to a the same bug report or open a new one?

SMB.CONF

[global]                                                                                                                                                                                                                                     
   workgroup = MYDOMAIN                                                                                                                                                                                                                 
   server string = %h server (Samba)                                                                                                                                                                                                 
   dns proxy = no                                                                                                                                                                                                                            

#### Debugging/Accounting ####                                                                                                                                                                                                               
   loglevel = 10
   log file = /var/log/samba/log.%m                                                                                                                                                                                                          
   max log size = 1000                                                                                                                                                                                                                       
#   syslog only = yes                                                                                                                                                                                                                     

# We want Samba to log a minimum amount of information to syslog. Everything                                                                                                                                                                 
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log                                                                                                                                                                    
# through syslog you should set the following parameter to something higher.                                                                                                                                                                 
#   syslog =  10                                                                                                                                                                                                                               

####### Authentication #######                                                                                                                                                                                                               

        security = ADS                                                                                                                                                                                                                       
        realm = MYDOMAIN.ORG
        winbind enum users = yes
        winbind enum groups = yes
#        winbind use default domain = yes
        winbind nested groups = yes
        winbind separator = +
        allow trusted domains = no
        idmap config * : backend = tdb
        idmap config * : range = 20000-60000
        idmap config MYDOMAIN : backend = rid
        idmap config MYDOMAIN : range = 60000-50000000
        encrypt passwords = yes
        template homedir = /home/%u
        template shell = /bin/bash
        restrict anonymous = 2
        socket options = TCP_NODELAY
        deadtime = 10

########## Printing ##########

load printers = no
domain master = no
local master = no
usershare allow guests = no
browseable = no

Josh Peacock
UNIX Administrator

-----------------------------------------------------------------------
Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
privileged and confidential information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy
all copies of the original message.