[Samba] wbinfo -u/-g/-n works, but not 'wbinfo -i' or 'id'

Adam Tauno Williams awilliam at whitemice.org
Tue Apr 14 13:59:48 MDT 2015 

On Tue, 2015-04-14 at 15:20 +0100, Rowland Penny wrote:
> On 14/04/15 14:59, Adam Tauno Williams wrote:
> > On Thu, 2014-10-30 at 13:41 -0300, Horacio G. de Oro wrote:
> >> Hi! I'm trying to add a member to be used as fileserver, following the
> >> guides at:
> >> - https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
> >> - https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC
> >> The AD server has been in use for month, but I can't get user
> >> information from the new member. The new member was joined to the
> >> directory, and nsswitch was configured. Running 'id username' returns
> >> 'No such user'.
> >> Running 'wbinfo -u' and  'wbinfo -g', 'wbinfo -n username' and 'wbinfo
> >> --sid-to-uid' works OK. Also 'wbinfo --online-status' and 'wbinfo
> >> --ping-dc'
> >> But, when I try 'id username', or 'wbinfo -i username', it fails with
> >> WBC_ERR_DOMAIN_NOT_FOUND
> >> $ wbinfo -i username
> >> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
> >> Could not get info for user username
> >> $ wbinfo -n username
> >> S-1-5-21-3087569779-2873525441-767630994-1118 SID_USER (1)
> >> And using '--sid-to-uid' I got the UID:
> >> $ wbinfo --sid-to-uid S-1-5-21-3087569779-2873525441-767630994-1118
> >> 10000 Servers · Web Development in Python & Java · DevOps · Big Data
> > I am experiencing much the same issue; wbinfo -u/-g works but getent
> > passwd/group only contains a very partial user list and querying a
> > specific user causes the WBC_ERR_DOMAIN_NOT_FOUND error.  Although
> > otherwise the domain is functional and there are active workstations.
> > Did you every identify a solution?
> It should work, it sounds like a mis-configuration somewhere, can you 
> post the smb.conf, /etc/nsswitch.conf, /etc/resolv.conf and 
> /etc/krb5.conf from the member server.

"wbinfo -u" lists 415 lines

"getent passwd" returns 93 lines

A host configured to use nslcd and LDAP directory returns 560 lines for
"getent passwd".

Samba on client is sernet-samba-4.1.17-11.el6.x86_64, AD DCs are all
sernet-samba-4.0.21-7.el6.x86_64

[root at barbel profiles]# wbinfo -i cleslie
failed to call wbcGetpwnam: WBC_ERR_WINBIND_NOT_AVAILABLE


/etc/samba/smb.conf
###################

   idmap_ldb:use rfc2307 = yes
   idmap config *:backend = tdb
   idmap config *:range = 4000001-4999999
   idmap config BACKBONE:backend = ad
   idmap config BACKBONE:schema_mode = rfc2307
   idmap config BACKBONE:range = 100-400000

   winbind nss info = rfc2307
   winbind trusted domains only = no
   winbind use default domain = yes
   winbind enum users = yes
   winbind enum groups = yes
   winbind refresh tickets = Yes
   winbind expand groups = 4
   winbind normalize names = Yes
   domain master = no
   local master = no
   vfs objects = acl_xattr
   map acl inherit = Yes
   store dos attributes = Yes


-- 
Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383
Systems Administrator, Python Developer, LPI / NCLA

More information about the samba mailing list