samba - May 2002 - Winbind doesn't authenticate users -2.2.4/RH 7.2

I have winbind authenticating against a W2K Domain Controller.  It works
just fine with 2.2.3.  After upgrading to 2.2.4 I can no longer authenticate
agains a W2K domain account.  Everything compiles, installs, and starts
successfully Under 2.2.4.  wbinfo -u gives a correct list of users, wbinfo
-t verifies that the secret is good.  Howerver, running 'getent passwd'
and
'getent group' yield only the local users and groups, whereas under
2.2.3
they yielded all local and W2K domain users.  Any ideas?  Below is my
smb.conf
Russell Jungwirth
Herzing College

# Samba config file created using SWAT
# from 192.168.10.56 (192.168.10.56)
# Date: 2002/02/26 12:45:21

# Global parameters
[global]
        workgroup = HERZING
        server string = student_web
        interfaces = eth1
        smb passwd file = /etc/smbpasswd
        unix password sync = Yes
        username map = /etc/smbusers
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*Unix*password* %n\n *ReType*new*Unix*password
%n\n *password changed*
        encrypt passwords = Yes
        # separate domain and username with a slash
        winbind separator = _
        # use uids from 10000 to 20000 for windows AD users
        winbind uid = 10000-20000
        # use gids from 10000 to 20000 for windows AD users
        winbind gid = 10000-20000
        # allow enumeration of winbind users and groups
        winbind enum users = yes
        winbind enum groups = yes
        # no domain prefixes
        winbind default domain = true
        # winbind default domain = HERZING
        # give winbind users a real shell (for now...)
        template shell = /bin/bash
        template homedir = /home/domain/%U
        security = domain
        password server = 192.168.10.13
        netbios name = rjungwirth
        log level=3

These are the specific error message I get in log.winbindd when I run these
commands:
getent passwd:
[2002/02/05 09:00:26, 0] nsswitch/winbindd.c:process_loop(613)
  process_loop: Invalid request size (5) send, should be (1304)
[2002/02/05 09:00:26, 0] nsswitch/winbindd.c:process_loop(613)
  process_loop: Invalid request size (6) send, should be (1304)

getent group:
[2002/02/05 09:01:16, 0] nsswitch/winbindd.c:process_loop(613)
  process_loop: Invalid request size (8) send, should be (1304)
[2002/02/05 09:01:16, 0] nsswitch/winbindd.c:process_loop(613)
  process_loop: Invalid request size (9) send, should be (1304)

at login attempt:
[2002/02/05 09:01:56, 0] nsswitch/winbindd.c:process_loop(613)
  process_loop: Invalid request size (0) send, should be (1304)
> I have winbind authenticating against a W2K Domain Controller.  It
> works just fine with 2.2.3.  After upgrading to 2.2.4 I can no longer
> authenticate agains a W2K domain account.  Everything compiles,
> installs, and starts successfully Under 2.2.4.  wbinfo -u gives a
> correct list of users, wbinfo -t verifies that the secret is good.
> Howerver, running 'getent passwd' and 'getent group' yield
only the
> local users and groups, whereas under 2.2.3 they yielded all local and
> W2K domain users.  Any ideas?  Below is my smb.conf
> Russell Jungwirth
> Herzing College
>
> # Samba config file created using SWAT
> # from 192.168.10.56 (192.168.10.56)
> # Date: 2002/02/26 12:45:21
>
> # Global parameters
> [global]
>        workgroup = HERZING
>        server string = student_web
>        interfaces = eth1
>        smb passwd file = /etc/smbpasswd
>        unix password sync = Yes
>        username map = /etc/smbusers
>        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>        passwd program = /usr/bin/passwd %u
>        passwd chat = *New*Unix*password* %n\n *ReType*new*Unix*password
> %n\n *password changed*
>        encrypt passwords = Yes
>        # separate domain and username with a slash
>        winbind separator = _
>        # use uids from 10000 to 20000 for windows AD users
>        winbind uid = 10000-20000
>        # use gids from 10000 to 20000 for windows AD users
>        winbind gid = 10000-20000
>        # allow enumeration of winbind users and groups
>        winbind enum users = yes
>        winbind enum groups = yes
>        # no domain prefixes
>        winbind default domain = true
>        # winbind default domain = HERZING
>        # give winbind users a real shell (for now...)
>        template shell = /bin/bash
>        template homedir = /home/domain/%U
>        security = domain
>        password server = 192.168.10.13
>        netbios name = rjungwirth
>        log level=3
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

On Sun, May 05, 2002 at 20:26 Andrew Bartlett wrote:
>> [2002/02/05 09:01:56, 0] nsswitch/winbindd.c:process_loop(613)
>>   process_loop: Invalid request size (0) send, should be (1304)
>
>I think this means that you have older/newer winbind client libs
>installed
>
>Install the version that matches the winbindd you are running.
>
>Andrew Bartlett
Just as a note of caution (I'd also forgotten to replace the
/lib/libnss_winbind.so and /lib/security/pam_winbind.so from 2.2.3a - thanks
Andrew) - connections to the share were being made with root privileges, not
the connecting user.  I was getting the same errors about process_loop, and
the log file for my PC said:
mypc (123.45.67.89) connect to service FILES as user domain+user (uid=0,
gid=0) (pid 13578)
The domain+user bit was right, but as you can see the uid and gid were root.
After correctly installing the libs, connections now say
mypc (123.45.67.89) connect to service FILES as user domain+user (uid=10000,
gid=10000) (pid 14565)
However, I am still seeing the process_loop errors every ten minutes in
log.winbindd:
[2002/05/09 11:10:00, 0] nsswitch/winbindd.c:process_loop(613)
  process_loop: Invalid request size (4) send, should be (1304)
with no-one connected.  Any ideas?

Thanks
Mike Pain