[Samba] Failing identification of users in trusted domains?
NdK
ndk.clanbo at gmail.com
Wed Nov 30 00:54:17 MST 2011
Hi all.
I'm getting mad at this.
I use winbind to authenticate users in multiple domains from AD. The
config worked well, before upgrading from 3.5.3 to 3.5.10 in Mandriva.
Now, if I 'winbind -i user.name' (so using the joined domain PERSONALE)
I get the correct info, but if I do a 'winbind -i
STUDENTI\\another.name' the answer is a 'Could not get info for user
STUDENTI\another.name'...
On other machines, the same config works well.
I already tried uninstalling samba (both -winbind and -common), removing
/etc/samba, /var/cache/samba and /var/lib/samba then reinstalling after
copying /etc/samba/smb.conf from a working machine and rejoining.
Doing a tail -f /var/log/samba/* I could see the following:
[2011/11/28 11:43:51.053242, 10]
winbindd/winbindd_cache.c:536(refresh_sequence_number)
refresh_sequence_number: PERSONALE time ok
[2011/11/28 11:43:51.053578, 10]
winbindd/winbindd_cache.c:581(refresh_sequence_number)
refresh_sequence_number: PERSONALE seq number is now 343528996
[2011/11/28 11:43:51.053681, 10]
winbindd/winbindd_cache.c:913(wcache_save_name_to_sid)
wcache_save_name_to_sid: STUDENTI\DIEGO.ZUCCATO2 ->
S-1-5-21-790525478-1035525444-682003330-86279 (NT_STATUS_OK)
[2011/11/28 11:43:51.053756, 10]
winbindd/winbindd_cache.c:935(wcache_save_sid_to_name)
wcache_save_sid_to_name: S-1-5-21-790525478-1035525444-682003330-86279
-> diego.zuccato2 (NT_STATUS_OK)
[2011/11/28 11:43:51.053805, 1]
../librpc/ndr/ndr.c:251(ndr_print_function_debug)
wbint_LookupName: struct wbint_LookupName
out: struct wbint_LookupName
type : *
type : SID_NAME_USER (1)
sid : *
sid :
S-1-5-21-790525478-1035525444-682003330-86279
result : NT_STATUS_OK
[2011/11/28 11:43:51.053997, 4]
winbindd/winbindd_dual.c:1532(fork_domain_child)
Finished processing child request 63
[2011/11/28 11:43:51.054045, 10]
winbindd/winbindd_dual.c:1548(fork_domain_child)
Writing 3532 bytes to parent
[2011/11/28 11:43:51.054113, 10] lib/events.c:183(get_timed_events_timeout)
==> log.winbindd <==
[2011/11/28 11:43:51.054550, 5]
winbindd/winbindd_getpwnam.c:138(winbindd_getpwnam_recv)
Could not convert sid S-1-5-21-790525478-1035525444-682003330-86279:
NT_STATUS_UNSUCCESSFUL
[2011/11/28 11:43:51.054670, 10] winbindd/winbindd.c:655(wb_request_done)
wb_request_done[17597:GETPWNAM]: NT_STATUS_UNSUCCESSFUL
It seems my account in STUDENTI gets written to cache, but then winbind
doesn't read it back ???? And why is the name all upper case when I
wrote it lower case?
Any hints?
Tks!
BYtE,
Diego.
More information about the samba
mailing list