[Samba] wbinfo -u -g work, wbinfo -i and getent fail

Carl Gherardi carl.gherardi at gmail.com
Sun May 3 21:02:25 MDT 2015 

Hi all,

I'm using Ubuntu 14.04 samba 4.1.6 packages, attempting to set up a server
for file shares AD clients can use. My previous setup was a simple AD join
with a user map file (1 to 1 AD to unix user) that i've been migrating for
approximately 7 years, and with the last 2003 AD server removed from the
network it stopped working (2008 R2 DC's now).

After approximately 2 weeks of varying results (including a working config
for 24 hours), I seem to have come full circle to 'non functional' again.

I'm able to join the domain using either net ads join -k or net ads join -u
Administrator

wbinfo -u - Gives me a list of domain users
wbinfo -g - Gives a list of domain groups

wbinfo -i Administrator | wbinfo -i CAG\\Administrator | wbinfo -i
CAG+Administrator all return
failed to call wbcGetgrnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for <blah>

and getent passwd only returns local+nis users.

I see a _lot_ of posts about this via google but few with solutions.

SFU is (was?) functional and pushing uid and gid's, and at several points
in the last two weeks getent passwd|group has been functional

Any suggestions appreciated.

Thanks

Carl Gherardi

smb.conf:
[global]
   workgroup = CAG
   security = ADS
   realm = CAG.DOMAIN.NAME
   netbios aliases = gong
   dedicated keytab file = /etc/krb5.keytab
   kerberos method = secrets and keytab

   idmap config *:backend = tdb
   idmap config *:range = 500-999
   idmap config CAG:backend = ad
   idmap config CAG:range = 1000-99999

   idmap config CAG:schema_mode = rfc2307
   winbind nss info = rfc2307

   winbind trusted domains only = no
   winbind use default domain = no
   winbind nested groups = yes
   winbind enum users  = yes
   winbind enum groups = yes
   winbind refresh tickets = Yes
   winbind expand groups = 4
   winbind normalize names = Yes
   domain master = no
   local master = no
   dns proxy = no
   log level = 3 auth:10 winbind:3

nsswitch.conf

passwd:         compat winbind nis
group:          compat winbind nis

More information about the samba mailing list