[Samba] Failed to find domain Unix Group

Rowland penny rpenny at samba.org
Tue Jul 12 19:21:18 UTC 2016 

On 12/07/16 20:03, Carlos A. P. Cunha wrote:
> Hello!
>
> My file server is running ubuntu samba 4.3.0 and today started the 
> problem that my IDs have changed and this caused countless problems.
> In the logs I have the following:
>
> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
> 07.605992, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
> domain 'Unix Group'. Check connection to trusted domains!
> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
> 07.606582, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
> domain 'Unix Group'. Check connection to trusted domains!
> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
> 07.739510, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
> domain 'Unix Group'. Check connection to trusted domains!
> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
> 07.743113, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
> domain 'Unix Group'. Check connection to trusted domains!
>
>
> my smb.conf
>
> [global]
>
> netbios name = FILESERVER
> workgroup = SERVER
> security = ADS
>
> realm = MYDOMAIN
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
>
>
> idmap config *: backend = tdb
> # I changed values ​​for test
> idmap config *: range = 100000-9999999
> idmap config SERVERAD: backend = rid
> # I changed values ​​for test
> idmap config SERVERAD: range = 1000000000 to 9999999999
> idmap_ldb: use RFC2307 = Yes
>
> winbind nss info = RFC2307
> winbind trusted domains only = no
> winbind use default domain = yes
> winbind enum users = yes
> winbind enum groups = yes
> winbind refresh tickets = Yes
> winbind cache time = 10
>
> # Needed for Fileserver
> vfs objects = acl_xattr
> map acl inherit = Yes
> store the attributes = Yes
>
> # Disable Cups
> load printers = no
> printing = bsd
> printcap name = / dev / null
> spoolss disable = yes
>
>
> I think the problem is that the ID are conflicting with the system:
>
> id user01
> uid = 11458 (user01) gid = 10513 (domain users) groups = 10513 (domain 
> users), 11458 (user01), 18249 (almox_grupo), 5001 (BUILTIN \ users)
>
>
> Thanks!!

Hi, your 'id' command is showing this: uid = 11458(user01) and groups = 
11458(user01)
How is this occurring ?
Do you have a user or group called 'user01' in AD that is also in 
/etc/passwd ?
If this is the case, you need to decide which one to keep and delete the 
other, users/groups cannot exist in AD and /etc/passwd.

Rowland

More information about the samba mailing list