[Samba] Getent group don't work
Tomasz Błasiak
blasiaktomasz at gmail.com
Mon May 18 02:08:19 MDT 2015
Hi
Oracle Linux Server client with Samba 3.6.23 (file server) joined to the
Samba4 AD domain.
----------------
smb.conf
[global]
#--authconfig--start-line--
netbios name = FS
server string = "GSDAD Fileserver"
workgroup = GSDAD
realm = AD.GSD.LAN
security = ads
winbind use default domain = yes
idmap config * : backend = rid
idmap config * : range = 16777216-33554431
template shell = /sbin/nologin
winbind offline logon = false
winbind enum users = yes
winbind enum groups = yes
idmap cache time = 15
idmap negative cache time = 15
log level = 2
hide dot files = yes
hide unreadable = yes
access based share enum = yes
wide links = Yes
unix extensions = No
follow symlinks = Yes
socket options = TCP_NODELAY IPTOS_THROUGHPUT
vfs objects = full_audit
full_audit:prefix = %u|%I|%S
full_audit:success = mkdir rename rmdir write unlink pwrite
full_audit:failure = none
recycle:repository = .deleted/%U
recycle:keeptree = No
recycle:touch = Yes
recycle:versions = Yes
recycle:maxsixe = 0
;recycle:exclude = *.tmp *.ini *.dat
;recycle:exclude_dir = /tmp /home /home/* /storage/samba/homes
/storage/samba/homes/*
keepalive = 300
deadtime = 10
include = /etc/samba/smb.conf.shares
#--authconfig--end-line--
----------------
getent passwd and wbinfo -u returns all AD users correctly
wbinfo -g returns all AD groups correctly
getent group fails. Only local groups are returned.
------------
log.winbindd
winbindd/winbindd_group.c:45(fill_grent)
winbindd Failed to find domain 'GSD-DOK'. Check connection to trusted
domains!
------------
'GSD-DOK' it is group in AD
I set log level = 10
----------
log.winbindd
2015/05/15 12:28:38.557668, 6] winbindd/winbindd.c:822(new_connection)
accepted socket 23
[2015/05/15 12:28:38.558409, 10] winbindd/winbindd.c:672(process_request)
process_request: request fn INTERFACE_VERSION
[2015/05/15 12:28:38.558654, 3]
winbindd/winbindd_misc.c:384(winbindd_interface_version)
[ 2718]: request interface version
[2015/05/15 12:28:38.558905, 10]
winbindd/winbindd.c:768(winbind_client_response_written)
winbind_client_response_written[2718:INTERFACE_VERSION]: delivered
response to client
[2015/05/15 12:28:38.559251, 10] winbindd/winbindd.c:672(process_request)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2015/05/15 12:28:38.559482, 3]
winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir)
[ 2718]: request location of privileged pipe
[2015/05/15 12:28:38.559999, 10]
winbindd/winbindd.c:768(winbind_client_response_written)
winbind_client_response_written[2718:WINBINDD_PRIV_PIPE_DIR]: delivered
response to client
[2015/05/15 12:28:38.560401, 6] winbindd/winbindd.c:822(new_connection)
accepted socket 30
[2015/05/15 12:28:38.560682, 6]
winbindd/winbindd.c:870(winbind_client_request_read)
closing socket 23, client exited
[2015/05/15 12:28:38.560948, 10] winbindd/winbindd.c:645(process_request)
process_request: Handling async request 2718:GETGRNAM
[2015/05/15 12:28:38.561267, 3]
winbindd/winbindd_getgrnam.c:56(winbindd_getgrnam_send)
getgrnam GSD-it
[2015/05/15 12:28:38.561509, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupName: struct wbint_LookupName
in: struct wbint_LookupName
domain : *
domain : 'GSDAD'
name : *
name : 'GSD-IT'
flags : 0x00000000 (0)
[2015/05/15 12:28:38.562552, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupName: struct wbint_LookupName
out: struct wbint_LookupName
type : *
type : SID_NAME_DOM_GRP (2)
sid : *
sid :
S-1-5-21-678467049-2606551726-923385481-1113
result : NT_STATUS_OK
[2015/05/15 12:28:38.563484, 10]
winbindd/winbindd_util.c:787(find_lookup_domain_from_sid)
find_lookup_domain_from_sid(S-1-5-21-678467049-2606551726-923385481-1113)
[2015/05/15 12:28:38.563779, 10]
winbindd/winbindd_util.c:797(find_lookup_domain_from_sid)
calling find_our_domain
[2015/05/15 12:28:38.564038, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupSid: struct wbint_LookupSid
in: struct wbint_LookupSid
sid : *
sid :
S-1-5-21-678467049-2606551726-923385481-1113
[2015/05/15 12:28:38.564524, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupSid: struct wbint_LookupSid
out: struct wbint_LookupSid
type : *
type : SID_NAME_DOM_GRP (2)
domain : *
domain : *
domain : 'GSD-IT'
name : *
name : *
name : ''
result : NT_STATUS_OK
[2015/05/15 12:28:38.565800, 10] lib/gencache.c:183(gencache_set_data_blob)
Adding cache entry with key =
IDMAP/SID2GID/S-1-5-21-678467049-2606551726-923385481-1113 and timeout =
Thu Jan 1 01:00:00 1970
(-1431685718 seconds in the past)
[2015/05/15 12:28:38.566636, 10]
winbindd/winbindd_util.c:787(find_lookup_domain_from_sid)
find_lookup_domain_from_sid(S-1-5-21-678467049-2606551726-923385481-1113)
[2015/05/15 12:28:38.566880, 10]
winbindd/winbindd_util.c:797(find_lookup_domain_from_sid)
calling find_our_domain
[2015/05/15 12:28:38.567127, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupSid: struct wbint_LookupSid
in: struct wbint_LookupSid
sid : *
sid :
S-1-5-21-678467049-2606551726-923385481-1113
[2015/05/15 12:28:38.567677, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupSid: struct wbint_LookupSid
out: struct wbint_LookupSid
type : *
type : SID_NAME_DOM_GRP (2)
domain : *
domain : *
domain : 'GSD-IT'
name : *
name : *
name : ''
result : NT_STATUS_OK
[2015/05/15 12:28:38.568904, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_Sid2Gid: struct wbint_Sid2Gid
in: struct wbint_Sid2Gid
dom_name : NULL
sid : *
sid :
S-1-5-21-678467049-2606551726-923385481-1113
[2015/05/15 12:28:38.575264, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_Sid2Gid: struct wbint_Sid2Gid
out: struct wbint_Sid2Gid
gid : *
gid : 0x0000000001000459 (16778329)
result : NT_STATUS_OK
[2015/05/15 12:28:38.575852, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupGroupMembers: struct wbint_LookupGroupMembers
in: struct wbint_LookupGroupMembers
sid : *
sid :
S-1-5-21-678467049-2606551726-923385481-1113
type : SID_NAME_DOM_GRP (2)
[2015/05/15 12:28:38.576075, 1]
../librpc/ndr/ndr.c:284(ndr_print_function_debug)
wbint_LookupGroupMembers: struct wbint_LookupGroupMembers
out: struct wbint_LookupGroupMembers
members : *
members: struct wbint_Principals
num_principals : 4
principals: ARRAY(4)
principals: struct wbint_Principal
sid :
S-1-5-21-678467049-2606551726-923385481-1613
type : SID_NAME_USER (1)
name : *
name : 'tnowak'
principals: struct wbint_Principal
sid :
S-1-5-21-678467049-2606551726-923385481-1108
type : SID_NAME_USER (1)
name : *
name : 'plewandowski'
principals: struct wbint_Principal
sid :
S-1-5-21-678467049-2606551726-923385481-1602
type : SID_NAME_USER (1)
name : *
name : 'kbet'
principals: struct wbint_Principal
sid :
S-1-5-21-678467049-2606551726-923385481-1625
type : SID_NAME_USER (1)
name : *
name : 'drukGSD'
result : NT_STATUS_OK
[2015/05/15 12:28:38.579554, 0] winbindd/winbindd_group.c:45(fill_grent)
Failed to find domain 'GSD-IT'. Check connection to trusted domains!
[2015/05/15 12:28:38.580456, 5]
winbindd/winbindd_getgrnam.c:152(winbindd_getgrnam_recv)
fill_grent failed
[2015/05/15 12:28:38.581716, 10] winbindd/winbindd.c:707(wb_request_done)
wb_request_done[2718:GETGRNAM]: NT_STATUS_NO_MEMORY
[2015/05/15 12:28:38.589246, 10]
winbindd/winbindd.c:768(winbind_client_response_written)
winbind_client_response_written[2718:GETGRNAM]: delivered response to
client
[2015/05/15 12:28:38.589653, 6]
winbindd/winbindd.c:870(winbind_client_request_read)
closing socket 30, client exited
----------
Any ideas anyone?
Cheers,
Tom
More information about the samba
mailing list