[Samba] winbind and getent again

Victor Mataré matare at lih.rwth-aachen.de
Wed Nov 2 10:26:10 MDT 2011 

Hi everyone,

I'm trying to use winbind as nsswitch module on a domain member against a samba PDC, and it used to work fine with samba 3.4. But now after upgrading to 3.5.11, getent group/passwd don't show domain users/groups anymore. However wbinfo -g and wbinfo -u work as expected. Also:

# wbinfo -i matare
matare:*:50011:50000:Victor Mataré:/home/SGI/matare:/bin/false
# wbinfo -U 50011
S-1-5-21-154097467-3372353439-1977514440-3032
# wbinfo -G 50000
S-1-5-21-154097467-3372353439-1977514440-513
# wbinfo -s S-1-5-21-154097467-3372353439-1977514440-3032
SGI\matare 1
# wbinfo -s S-1-5-21-154097467-3372353439-1977514440-513
SGI\Domain Users 2

But getent passwd/group shows only local users. My smb.conf on the member looks like this:
[global]
        workgroup = SGI
        server string = Auerhahn
        security = domain
        password server = BUSSARD GIRLITZ
        log file = /var/log/samba/log.%m
        log level = 2 winbind:10
        max log size = 50
        winbind expand groups = 4
        winbind nested groups = yes
        winbind enum groups = yes
        winbind enum users = yes
        idmap uid = 50000-500000
        idmap gid = 50000-500000
        winbind use default domain = yes
        idmap config SGI:range = 50000-500000

I really don't see the problem the nss_winbind module might be having:

# strace -e trace=file getent group
execve("/usr/bin/getent", ["getent", "group"], [/* 40 vars */]) = 0
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib64/libc.so.6", O_RDONLY)      = 3
open("/usr/lib64/locale/locale-archive", O_RDONLY) = 3
open("/etc/nsswitch.conf", O_RDONLY)    = 3
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib64/libnss_files.so.2", O_RDONLY) = 3
open("/etc/group", O_RDONLY|O_CLOEXEC)  = 3
root:x:0:root
bin:x:1:root,bin,daemon
[... prints local UNIX groups ...]
postgres:x:70:
open("/etc/ld.so.cache", O_RDONLY)      = 4
open("/lib64/libnss_winbind.so.2", O_RDONLY) = 4
lstat("/tmp/.winbindd", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat("/tmp/.winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat("/var/cache/samba/winbindd_privileged", {st_mode=S_IFDIR|0750, st_size=4096, ...}) = 0
lstat("/var/cache/samba/winbindd_privileged/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0

And that's it. I also can't make out any error message in the logs, not even with log level 10. On the PDC and BDC, getent group works perfectly (also both via nss_winbind). Seriously, I'm out of ideas. Any pointer is greatly appreciated.


-- 
Victor Mataré
Sysadmin
Lehrstuhl für Ingenieur- und Hydrogeologie der RWTH Aachen
Lochnerstraße 4-20
52064 Aachen
Ph: +49-241-8096778
Fx: +49-241-8092280

http://www.lih.rwth-aachen.de

More information about the samba mailing list