[Samba] getent group by name fails
Lee Allen
lee at leecallen.com
Fri Oct 11 08:16:48 MDT 2013
Samba 3.6.17 joined to Samba 4.2.0 AD domain, using winbind
'wbinfo -g' and 'getent group' successfully list all groups.
'getent group 10006' returns:
domain users:x:10006:
'getent group "domain users"' fails with return code 2
partial log.winbind after above command:
[2013/10/11 10:01:31.288199, 3]
winbindd/winbindd_misc.c:384(winbindd_interface_version)
[31911]: request interface version
[2013/10/11 10:01:31.288288, 3]
winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir)
[31911]: request location of privileged pipe
[2013/10/11 10:01:31.288421, 3]
winbindd/winbindd_getgrnam.c:56(winbindd_getgrnam_send)
getgrnam domain users
[2013/10/11 10:01:31.288520, 3]
winbindd/winbindd_msrpc.c:252(msrpc_name_to_sid)
msrpc_name_to_sid: name=DOMAIN\USERS
[2013/10/11 10:01:31.288547, 3]
winbindd/winbindd_msrpc.c:266(msrpc_name_to_sid)
name_to_sid [rpc] DOMAIN\USERS for domain DOMAIN
if I specify the domain name, ie: 'getent group "ALLENLAN\\domain users"'
it still fails...
[2013/10/11 10:02:18.280728, 3]
winbindd/winbindd_misc.c:384(winbindd_interface_version)
[31925]: request interface version
[2013/10/11 10:02:18.280823, 3]
winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir)
[31925]: request location of privileged pipe
[2013/10/11 10:02:18.280940, 3]
winbindd/winbindd_getgrnam.c:56(winbindd_getgrnam_send)
getgrnam ALLENLAN\domain users
[2013/10/11 10:02:18.281033, 3]
winbindd/winbindd_msrpc.c:252(msrpc_name_to_sid)
msrpc_name_to_sid: name=ALLENLAN\DOMAIN\USERS
[2013/10/11 10:02:18.281060, 3]
winbindd/winbindd_msrpc.c:266(msrpc_name_to_sid)
name_to_sid [rpc] ALLENLAN\DOMAIN\USERS for domain ALLENLAN\DOMAIN
Note the missing space in "DOMAIN\USERS" in the logs. I don't know whether
this is relevant.
'getent passwd' does not have any such problems - it can query by UID or
username
smb.conf:
[global]
workgroup = ALLENLAN
realm = allenlan.net
password server = 192.168.0.13
preferred master = no
server string = zone-samba3
security = ads
encrypt passwords = yes
log level = 3
log file = /var/log/samba/%m
max log size = 50
printcap name = cups
printing = cups
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind nested groups = yes
winbind separator = \
idmap config * : backend = ad
idmap config * : range = 10000-100000
--
*Lee Allen*
More information about the samba
mailing list