[Samba] Repeat Question with more Info about strange winbind behaviour

Jeremy Allison jra at samba.org
Sat May 21 00:03:36 UTC 2016

On Thu, May 19, 2016 at 07:05:56PM +0000, ray klassen wrote:
> <original unanswered message>
> OS: Debian Jessie Samba version: 2:4.2.10+dfsg-0+deb8u2
> strange behaviours 
> before I set "winbind use rpc only = yes" 
> 1) "wbinfo -u" would pause and return nothing2) "getent passwd" would display only the user info in the local files
> 3) "wbinfo -g" would return list of domain groups4) "wbinfo -i user" would display the user information of one user5) "getent passwd user" would display the user information in passwd format
> after I set "winbind use rpc only = yes" everything seems to work normally. i.e. the 1 and 2 return a full list.this would seem to indicate to me that winbind was getting incomplete info from ldap on the PDC.I have no idea how this could happen. Other machines on my network do not have this issue. Even one almost identical. It's a mirror on the other end of a VPN. It doesn't seem to need "winbind use rpc only = yes" OpenLDAP had a size limit on lookups. Is there such a thing in the SAMBA 4 ldap backend?
> Is needing "winbind use rpc only = yes" indicative of something wrong?

Yes. It forces winbindd to only use the DCE-RPC
calls to the AD-DC instead of the LDAP calls.

You should not need this.

More information about the samba mailing list