[Samba] Failed to find domain Unix Group

Carlos A. P. Cunha carlos.hollow at gmail.com
Tue Jul 12 19:34:48 UTC 2016


Hello!
My User is only in AD, the passwd see some User (system) with high GID 
in the same range of Samba

Example:
statd: x: 108: 65534 :: / var / lib / nfs: / bin / false

My fear is that change again and lose everything again permissions, 
which had to redo everything ...

Thank you


Em 12-07-2016 16:21, Rowland penny escreveu:
> On 12/07/16 20:03, Carlos A. P. Cunha wrote:
>> Hello!
>>
>> My file server is running ubuntu samba 4.3.0 and today started the 
>> problem that my IDs have changed and this caused countless problems.
>> In the logs I have the following:
>>
>> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
>> 07.605992, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
>> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
>> domain 'Unix Group'. Check connection to trusted domains!
>> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
>> 07.606582, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
>> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
>> domain 'Unix Group'. Check connection to trusted domains!
>> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
>> 07.739510, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
>> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
>> domain 'Unix Group'. Check connection to trusted domains!
>> Jul 12 15:57:07 samba fileserver winbindd [1141] [07.12.2016 15: 57: 
>> 07.743113, 0] ../source3/winbindd/winbindd_group.c:45(fill_grent)
>> Jul 12 15:57:07 samba fileserver winbindd [1141]: Failed to find 
>> domain 'Unix Group'. Check connection to trusted domains!
>>
>>
>> my smb.conf
>>
>> [global]
>>
>> netbios name = FILESERVER
>> workgroup = SERVER
>> security = ADS
>>
>> realm = MYDOMAIN
>> dedicated keytab file = /etc/krb5.keytab
>> kerberos method = secrets and keytab
>>
>>
>> idmap config *: backend = tdb
>> # I changed values ​​for test
>> idmap config *: range = 100000-9999999
>> idmap config SERVERAD: backend = rid
>> # I changed values ​​for test
>> idmap config SERVERAD: range = 1000000000 to 9999999999
>> idmap_ldb: use RFC2307 = Yes
>>
>> winbind nss info = RFC2307
>> winbind trusted domains only = no
>> winbind use default domain = yes
>> winbind enum users = yes
>> winbind enum groups = yes
>> winbind refresh tickets = Yes
>> winbind cache time = 10
>>
>> # Needed for Fileserver
>> vfs objects = acl_xattr
>> map acl inherit = Yes
>> store the attributes = Yes
>>
>> # Disable Cups
>> load printers = no
>> printing = bsd
>> printcap name = / dev / null
>> spoolss disable = yes
>>
>>
>> I think the problem is that the ID are conflicting with the system:
>>
>> id user01
>> uid = 11458 (user01) gid = 10513 (domain users) groups = 10513 
>> (domain users), 11458 (user01), 18249 (almox_grupo), 5001 (BUILTIN \ 
>> users)
>>
>>
>> Thanks!!
>
> Hi, your 'id' command is showing this: uid = 11458(user01) and groups 
> = 11458(user01)
> How is this occurring ?
> Do you have a user or group called 'user01' in AD that is also in 
> /etc/passwd ?
> If this is the case, you need to decide which one to keep and delete 
> the other, users/groups cannot exist in AD and /etc/passwd.
>
> Rowland
>



More information about the samba mailing list