[Samba] winbind not returning uid/gid

John Mancuso jkmancuso at gmail.com
Fri Feb 1 09:02:35 MST 2013


Really sorry to re-post but it looks like my thread has been buried and had
no responses.

I am using samba3.6 winbind to connect a RHEL5.8 linux box to a new Windows
Server 2012 Active Directory which has Unix Identity Mapping installed. So
I have all the
uidNumber/gidNumber stuff in the windows schema.

I am able to log in but I am not getting the right uid/gid. My AD uids start
at around 800. Apparently the ID mapping has changed again in samba 3.6.
https://wiki.samba.org/index.php/Samba_3.6_Features_added/changed#ID_Mapping_Changes

Looks like it's getting the proper shell and gid but not getting the proper
uid. Its just getting a number starting at 800 instead of the actual number.

[2013/02/01 00:51:38.469672,  1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
       wbint_QueryUser: struct wbint_QueryUser
          out: struct wbint_QueryUser
              info                     : *
                  info: struct wbint_userinfo
                      acct_name                : *
                          acct_name                : 'test15'
                      full_name                : *
                          full_name                : 'test15'
                      homedir                  : *
                          homedir                  : '/home/test15'
                      shell                    : *
                          shell                    : '/bin/csh'
                      primary_gid              : 0x000000000000032a (810)
                      user_sid                 :
S-1-5-21-1876082661-3791542598-1067495821-2113
                      group_sid                :
S-1-5-21-1876082661-3791542598-1067495821-513
              result                   : NT_STATUS_OK
[2013/02/01 00:51:38.470144, 10] winbindd/wb_sid2uid.c:56(wb_sid2uid_send)
  idmap_cache_find_sid2uid found 800
[2013/02/01 00:51:38.470217, 10] winbindd/wb_sid2gid.c:57(wb_sid2gid_send)
  idmap_cache_find_sid2gid found 800
[2013/02/01 00:51:38.470293, 10] winbindd/winbindd.c:678(wb_request_done)
  wb_request_done[15762:GETPWUID]: NT_STATUS_OK
[2013/02/01 00:51:38.470475, 10]
winbindd/winbindd.c:739(winbind_client_response_written)
  winbind_client_response_written[15762:GETPWUID]: delivered response to

Not even returning the proper gid (810) from the log above:

-bash-3.2$ id
uid=800(test15) gid=800(ops) groups=800(ops)

--------------------
Does my smb.conf file look correct? I'm not too familiar with configuring
it.

[global]
   workgroup = mycompany
   password server = pekdc01.mycompany.net
   realm = MYCOMPANY.NET
   security = domain
winbind nss info = rfc2307
#idmap config * : backend = ad #THIS PREVENTS WINBIND FROM CONNECTING
idmap config * : range = 800-900000
idmap config * : schema_mode = rfc2307
template shell = /bin/bash
   winbind use default domain = true
   winbind offline logon = false

--------------------
rpm version:

root at test:~ · 04:02 AM Thu Jan 31 ·
!548 # rpm -qa | grep samba
samba3x-common-3.6.6-0.129.el5
samba3x-client-3.6.6-0.129.el5
samba3x-winbind-3.6.6-0.129.el5


More information about the samba mailing list