[Samba] winbind: homeDirectory being ignored

Brian Candler b.candler at pobox.com
Tue Jun 24 09:07:39 MDT 2014 

 > Remove:
 > objectClass: posixGroup
 > from Domain Users and
 > objectClass: posixAccount
 > from User8.

Done. No difference.

 > Add:
 > uidNumber: 1008
 > to User8?

It was already there. I've also tried deleting /var/cache/samba/* and 
restarting winbindd, although simply restarting winbindd seems to be 
sufficient - that is, after restart there's a noticeable fraction of a 
second between running getent and seeing the reply.

I'm now attempting to find some sensible logging. On the client side 
I've set

   log level = 10

and I get a lot of noise (apparently not including the actual LDAP 
queries sent and replies received), but within it:

        wbint_QueryUser: struct wbint_QueryUser
           out: struct wbint_QueryUser
               info                     : *
                   info: struct wbint_userinfo
                       acct_name                : *
                           acct_name                : 'user8'
                       full_name                : *
                           full_name                : 'user8'
                       homedir                  : NULL
                       shell                    : *
                           shell                    : '/bin/bash'
                       primary_gid              : 0x00000000000003f0 (1008)
                       user_sid                 : 
S-1-5-21-399808871-116543423-1949263926-1127
                       group_sid                : 
S-1-5-21-399808871-116543423-1949263926-513
               result                   : NT_STATUS_OK

(So it looks like the gid (1008) has been found; homedir is still blank 
though)

   wcache_save_sid_to_name: S-1-5-21-399808871-116543423-1949263926-513 
-> ADTEST\Domain Users (NT_STATUS_OK)
[2014/06/24 17:49:35.599686,  1, pid=29560, effective(0, 0), real(0, 0)] 
../librpc/ndr/ndr.c:333(ndr_print_function_debug)
        wbint_LookupSid: struct wbint_LookupSid
           out: struct wbint_LookupSid
               type                     : *
                   type                     : SID_NAME_DOM_GRP (2)
               domain                   : *
                   domain                   : *
                       domain                   : 'ADTEST'
               name                     : *
                   name                     : *
                       name                     : 'Domain Users'
               result                   : NT_STATUS_OK

(So it looks like it knows group 1008 = Domain Users)

Also possibly relevant:

   Search for 
(|(attributeId=1.3.6.1.1.1.1.0)(attributeId=1.3.6.1.1.1.1.1)(attrib
uteId=1.3.6.1.1.1.1.3)(attributeId=1.3.6.1.1.1.1.4)(attributeId=1.3.6.1.1.1.1.2)
(attributeId=0.9.2342.19200300.100.1.1)) in 
<CN=Schema,CN=Configuration,DC=adtes
t,DC=int,DC=example,DC=net> gave 6 replies
         OID 1.3.6.1.1.1.1.3 has name: unixHomeDirectory
         OID 0.9.2342.19200300.100.1.1 has name: uid
         OID 1.3.6.1.1.1.1.4 has name: loginShell
         OID 1.3.6.1.1.1.1.2 has name: gecos
         OID 1.3.6.1.1.1.1.0 has name: uidNumber
         OID 1.3.6.1.1.1.1.1 has name: gidNumber
...
[2014/06/24 17:49:35.418917, 10, pid=29560, effective(0, 0), real(0, 0), 
class=winbind] 
../source3/winbindd/winbindd_cache.c:4850(nss_get_info_cached)
   result:
         homedir = '(null)'
         shell = '/bin/bash'
         gecos = '(null)'
         gid = '1008'

(I note that RFC2307 calls nisSchema.1.3 "homeDirectory" not 
"unixHomeDirectory", but I don't know if that's important)

Pretty stuck now.

More information about the samba mailing list