[Samba] winbindd losing track of RFC2307 UIDs
Rob
rj_t1 at redglow.org
Wed Oct 5 20:12:41 UTC 2016
On Tue, 4 Oct 2016, Rowland Penny wrote:
> This is very strange, have you tried running 'net cache flush' on the
> domain member ?
>
> Have you compared the users AD objects ?
Running 'net cache flush' on the member does fix things, albeit only for a
while:
# wbinfo -i auser
auser:*:2020:10000:User Name:/home/auser:/bin/bash
# net cache flush
# wbinfo -i auser
auser:*:10028:10000:User Name:/home/auser:/bin/bash
[...wait a few hours...]
# wbinfo -i auser
auser:*:2020:10000:User Name:/home/auser:/bin/bash
Using ldbsearch on sam.ldb on the DC, I compared the attributes of
problematic users and normal users... I couldn't find anything
obvious distinguishing them.
Also, on the member:
# net idmap dump
dumping id mapping from /usr/local/samba/var/locks/winbindd_idmap.tdb
[...]
UID 2020 S-1-5-21-2701825980-1665447529-2160704981-1177
(where S-*-1177 is the SID for auser)
But I'd think winbindd would prefer the mapping in AD, given smb.conf
having our domain listed explicitly and 2xxx only as a default/fallback.
Or maybe I misunderstand how the idmaps work... does the order in smb.conf
matter at all?
_Rob
More information about the samba
mailing list