[Samba] wbinfo -r reports strange gids on AD member

Christian chanlists at googlemail.com
Tue Jan 21 13:50:59 UTC 2020

Dear list,

on a unix domain member, I get

root at member:~# wbinfo -r some_user

However, GID 3001 does not exist in our AD... On the other hand, GID
10559 (corresponding to some_group) appears to be missing from the list.
Also, getent group some_group reports some_user as member. On other
domain members, no issue, just two of them. This is debian buster with
Louis's 4.10.11 packages. The winbindd related parts of smb.conf are:

        winbind expand groups = 2
        security = ADS
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = yes
        winbind nss info = ad
        winbind refresh tickets = yes
        kerberos method = system keytab
        idmap config * : backend = tdb
        idmap config * : range = 3000 - 7999
        idmap config XXX:backend = ad
        idmap config XXX:schema_mode = rfc2307
        idmap config XXX:range = 10000 - 999999
        idmap config XXX:unix_nss_info = yes
        idmap config XXX:unix_primary_group = yes
        username map = /etc/samba/user.map

Not sure what to make of this... I would be grateful for any hints on
how to debug this... Best wishes,


More information about the samba mailing list