[Samba] Samba 3.6.5, idmap configuration and WBC_ERR_DOMAIN_NOT_FOUND
Kevin Elliott
kevin_elliott at ci.juneau.ak.us
Tue Jul 10 11:56:44 MDT 2012
Hello all,
I recently upgraded from Samba 3.5.6 (the version contained in Debian Stable) to Samba 3.6.5 (the version from Debian Backports) in an effort to closer track the current development to try and chase some long standing bugs out.
I think I've resolved one problem but introduced another. I'm getting the "WBC_ERR_DOMAIN_NOT_FOUND" when I try to perform a SID to UID lookup much like so:
city-liza-lnx:/var/log/samba# wbinfo -t
checking the trust secret for domain CBJ_NT via RPC calls succeeded
city-liza-lnx:/var/log/samba# wbinfo -n CBJ_NT+kevin_elliott
S-1-5-21-505306839-1977890393-20515302-14949 SID_USER (1)
city-liza-lnx:/var/log/samba# wbinfo -s S-1-5-21-505306839-1977890393-20515302-14949
CBJ_NT+kevin_elliott 1
city-liza-lnx:/var/log/samba# wbinfo -S S-1-5-21-505306839-1977890393-20515302-14949
failed to call wbcSidToUid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert sid S-1-5-21-505306839-1977890393-20515302-14949 to uid
This looks like it has all the markings of following bugreport:
https://bugzilla.samba.org/show_bug.cgi?id=8371#c5
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652679
Before I follow this upstream can someone sanity check my configs for me? I understand that much has changed between 3.5 and 3.6 regarding the idmaping.
[global]
workgroup = CBJ_NT
realm = CBJ.LOCAL
netbios aliases = CITY-LIZA-L90, CITY-LIZA
server string = External FTP Server
interfaces = 199.58.55.87/22, lo
bind interfaces only = Yes
security = ADS
obey pam restrictions = Yes
passdb backend = tdbsam
password server = 199.58.55.25, 199.58.55.50
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
client NTLMv2 auth = Yes
log level = 10
log file = /var/log/samba/log.%m
max log size = 2500
printcap name = cups
os level = 5
local master = No
domain master = No
wins server = 199.58.55.25
ldap ssl = no
winbind enum users = Yes
winbind enum groups = Yes
panic action = /usr/share/samba/panic-action %d
idmap config CBJ_NT:backend = rid
idmap config CBJ_NT:base_rid = 0
idmap config CBJ_NT:range = 10000-65533
idmap config LIBRARY:backend = rid
idmap config LIBRARY:base_rid = 0
idmap config LIBRARY:range = 65535-79999
winbind separator = +
winbind use default domain = Yes
[ftp]
comment = FTP directory
path = /var/ftp/pub/
valid users = "@CBJ_NT+domain users"
read only = No
create mask = 0775
directory mask = 0775
hide unreadable = Yes
Thank you for your consideration.
--
Kevin Elliott
Network Specialist
City and Borough of Juneau, MIS
(907) 586 - 0905
More information about the samba
mailing list