Thanks Bob,
assigning an ID in SFU to 'Domain Users' was the trick. No I can see all
users :-)
Thanks
J?rg
-----Urspr?ngliche Nachricht-----
Von: Gautier, B (Bob) [mailto:Bob.Gautier@rabobank.com]
Gesendet: Freitag, 21. April 2006 13:24
An: Horchler, Joerg
Cc: Gautier, B (Bob)
Betreff: RE: [Samba] getent not working (again)
No, it doesn't sound like this is your problem. But it's easy to check,
if
getent passwd takes (almost) exactly 30 seconds.
To show up with idmap_ad, users have to have a valid msSFU30GidNumber *and*
a primaryGroupID with a valid msSFU30GidNumber. In 'Active Directory Users
and Computers' select the user, click the 'Member Of' tab, and make
sure the
primary group is set to a group with an msSFU30GidNumber attribute.
Setting group membership for a user via the 'Unix Attributes' tab, as
far as
I can tell, does not work.
I found it useful to delete my winbindd cache files before any test runs, by
the way.
Bob G
> -----Original Message-----
> From: Horchler, Joerg [mailto:joerg.horchler@coremedia.com]
> Sent: 21 April 2006 12:08
> To: Gautier, B (Bob); samba@lists.samba.org
> Subject: AW: [Samba] getent not working (again)
>
> I don't think that this is my problem. When I try 'getent passwd
> <user>' I get no output either. And we only store about 200
users. Is
> bug 3024 fixed in the newest version? I will try to apply the patch.
>
> J?rg
>
> -----Urspr?ngliche Nachricht-----
> Von: Gautier, B (Bob) [mailto:Bob.Gautier@rabobank.com]
> Gesendet: Freitag, 21. April 2006 12:54
> An: Horchler, Joerg; samba@lists.samba.org
> Betreff: RE: [Samba] getent not working (again)
>
> 'getent passwd' imposes an overall timeout of 30 seconds on the
reply
> from winbindd. Maybe that's biting you? See Bugzillas 3660, 3024.
>
> Bob G
>
> > -----Original Message-----
> > From: samba-bounces+bob.gautier=rabobank.com@lists.samba.org
> > [mailto:samba-bounces+bob.gautier=rabobank.com@lists.samba.org
> ] On Behalf Of Horchler, Joerg
> > Sent: 21 April 2006 11:06
> > To: samba@lists.samba.org
> > Subject: [Samba] getent not working (again)
> >
> > Hi all,
> >
> > after I searched the internet about a week now I can't find
> an answer
> > to my
> > problem:
> >
> > The company I work for is using a Windows 2003 Domain using the
> > Windows Services for UNIX (SFU) and NIS. We are using two Domain
> > Controllers that are hosting the ADS.
> >
> > Now I want to use Samba and NFS to implement a file server for our
> > mixed client enviroment: There will be Linux, HP UNIX, Solaris, AIX
> > and Windows clients accessing this server.
> > The Linux/UNIX clients will use NFS (no problem). The
> Windows clients
> > will use Samba.
> >
> > ====================================> > I compiled Samba 3.0.22
with:
> >
> > ./configure \
> > --with-ldap \
> > --with-ads \
> > --with-pam \
> > --with-quotas \
> > --with-acl-support \
> > --with-aio-support \
> > --with-sendfile-support \
> > --with-winbind \
> > --with-shared-modules=idmap_ad
> >
> > The last option was the only way to get idmap_ad compiled and
> > installed. I need this to use 'idmap backend = ad'
> >
> > ====================================> >
> > After installation I copied libnss_winbind.so and libnss_wins.so to
> > /lib and run ldconfig
> >
> > [root@io source]# ldconfig -v | grep libnss
> > libnss_winbind.so.2 -> libnss_winbind.so
> > libnss_wins.so.2 -> libnss_wins.so [root@io source]#
> >
> > ====================================> >
> > My smb.conf is
> >
> > [root@io source]# cat /usr/local/samba/lib/smb.conf [global]
> > unix charset = UTF8
> > display charset = UTF8
> > workgroup = XYZ
> > realm = ABC.COM
> > server string = linux fileserver %h (Samba %v)
> > security = ADS
> > auth methods = winbind
> > allow trusted domains = No
> > lanman auth = No
> > log level = 0 smb:1 auth:1 winbind:1 idmap:1 acls:1
> > log file = /var/log/samba/%m.log
> > disable netbios = Yes
> > reset on zero vc = Yes
> > deadtime = 10
> > os level = 0
> > preferred master = No
> > local master = No
> > domain master = No
> > wins server = a.b.c.d, a.b.c.e
> > ldap ssl = no
> > pid directory = /var/run
> > idmap backend = ad
> > idmap uid = 100-100000
> > idmap gid = 100-100000
> > winbind use default domain = Yes
> > winbind nested groups = Yes
> > winbind nss info = sfu
> > acl group control = Yes
> > acl map full control = No
> > inherit owner = Yes
> > ea support = Yes
> > map acl inherit = Yes
> > use sendfile = Yes
> > hide special files = Yes
> > map readonly = permissions
> > strict locking = No
> > dos filemode = Yes
> > [root@io source]#
> >
> > I configured no shares at the moment. Could that be a problem?
> >
> > ====================================> >
> > My /etc/krb5.conf
> >
> > [root@io source]# cat /etc/krb5.conf [logging] default =
> > FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log
> > admin_server = FILE:/var/log/kadmind.log
> >
> > [libdefaults]
> > default_realm = ABC.COM
> >
> > [realms]
> > ABC.COM = {
> > default_domain = abc.com
> > }
> >
> > [domain_realm]
> > .abc.com = ABC.COM
> > abc.com = ABC.COM
> >
> > [appdefaults]
> > pam = {
> > debug = false
> > ticket_lifetime = 36000
> > renew_lifetime = 36000
> > forwardable = true
> > krb4_convert = false
> > }
> > [root@io source]#
> >
> > ====================================> >
> > My /etc/nsswitch.conf
> >
> > [root@io source]# cat /etc/nsswitch.conf # #
> /etc/nsswitch.conf [...]
> >
> > passwd: files winbind
> > shadow: files winbind
> > group: files winbind
> >
> > #hosts: db files ldap nis dns
> > hosts: files dns wins
> >
> > [...]
> >
> > ====================================> >
> > Then I joined the domain successfully:
> >
> > [root@io source]#
> > net ads join -Uruth "Servers"
> >
> > [root@io source]# wbinfo -t
> > checking the trust secret via RPC calls succeeded [root@io source]#
> >
> > [root@io source]# net ads info
> > LDAP server: a.b.c.d
> > LDAP server name: uranus
> > Realm: ABC.COM
> > Bind Path: dc=ABC,dc=COM
> > LDAP port: 389
> > Server time: Fri, 21 Apr 2006 11:59:54 CEST KDC server:
> > a.b.c.d Server time offset: 55 [root@io source]#
> >
> > ====================================> >
> > After starting nmbd, smbd and winbindd I can successfully list my
> > domain users and group with wbinfo. But when I try to get a
> list via
> > getent it doesn't work.
> >
> > [root@io source]# getent passwd
> > root:x:0:0:root:/root:/bin/bash
> > bin:x:1:1:bin:/bin:/sbin/nologin
> > daemon:x:2:2:daemon:/sbin:/sbin/nologin
> > adm:x:3:4:adm:/var/adm:/sbin/nologin
> > lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
> > sync:x:5:0:sync:/sbin:/bin/sync
> > shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
> > halt:x:7:0:halt:/sbin:/sbin/halt
> > mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
> > news:x:9:13:news:/etc/news:
> > uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
> > operator:x:11:0:operator:/root:/sbin/nologin
> > games:x:12:100:games:/usr/games:/sbin/nologin
> > gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
> > ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
> > nobody:x:99:99:Nobody:/:/sbin/nologin
> > dbus:x:81:81:System message bus:/:/sbin/nologin
> vcsa:x:69:69:virtual
> > console memory owner:/dev:/sbin/nologin
> > rpm:x:37:37::/var/lib/rpm:/sbin/nologin
> > haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
> netdump:x:34:34:Network
> > Crash Dump user:/var/crash:/bin/bash nscd:x:28:28:NSCD
> > Daemon:/:/sbin/nologin sshd:x:74:74:Privilege-separated
> > SSH:/var/empty/sshd:/sbin/nologin rpc:x:32:32:Portmapper RPC
> > user:/:/sbin/nologin
> mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
> > smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
> > rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
> > nfsnobody:x:65534:65534:Anonymous NFS
> User:/var/lib/nfs:/sbin/nologin
> > pcap:x:77:77::/var/arpwatch:/sbin/nologin
> > xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
> > pegasus:x:100:500:tog-pegasus OpenPegasus WBEM/CIM
> > services:/var/lib/Pegasus:/sbin/nologin
> > postfix:x:89:89::/var/spool/postfix:/sbin/nologin
> > ntp:x:38:38::/etc/ntp:/sbin/nologin
> > [root@io source]#
> >
> > ====================================> >
> > I have lots of messages of this in winbindd.log:
> >
> > [2006/04/21 12:01:13, 1]
> sam/idmap_ad.c:ad_idmap_get_id_from_sid(329)
> > ad_idmap_get_id_from_sid: ads_pull_uint32: could not read
> attribute
> > 'msSFU30GidNumber'
> > [2006/04/21 12:01:13, 1]
> > nsswitch/winbindd_user.c:winbindd_fill_pwent(92)
> > error getting group id for sid
> > S-1-5-21-1663660479-371685239-1594628879-513
> >
> > But I think thats not the problem because in winbindd_idmap.tdb are
> > all users with correct mappings that have the field
> msSFU30GidNumber.
> >
> > ====================================> >
> > The last thing I tried was to to a strace:
> >
> > [root@io samba]# strace getent passwd
execve("/usr/bin/getent",
> > ["getent", "passwd"], [/* 23 vars
> > */]) = 0 uname({sys="Linux",
node="io.coremedia.com", ...}) = 0
> > brk(0) = 0x9c66000
> > access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such
file or
> > directory)
> > open("/etc/ld.so.cache", O_RDONLY) = 3
> > fstat64(3, {st_mode=S_IFREG|0644, st_size=37645, ...}) = 0
> > old_mmap(NULL, 37645, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f27000
> > close(3) = 0
> > open("/lib/tls/libc.so.6", O_RDONLY) = 3
> > read(3,
> >
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20o-\000"...,
> > 512) = 512 fstat64(3, {st_mode=S_IFREG|0755,
> st_size=1454546, ...}) > > 0 old_mmap(0x2c2000, 1219772,
PROT_READ|PROT_EXEC,
> > MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2c2000
> old_mmap(0x3e6000, 16384,
> > PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3,
> > 0x124000) = 0x3e6000 old_mmap(0x3ea000, 7356, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ea000
> > close(3) = 0
> > old_mmap(NULL, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS,
> > -1, 0) = 0xb7f26000
> > mprotect(0x3e6000, 4096, PROT_READ) = 0
> > mprotect(0x2be000, 4096, PROT_READ) = 0
> > set_thread_area({entry_number:-1 -> 6, base_addr:0xb7f26aa0,
> > limit:1048575, seg_32bit:1, contents:0, read_exec_only:0,
> > limit_in_pages:1, seg_not_present:0, useable:1}) = 0
> > munmap(0xb7f27000, 37645) = 0
> > brk(0) = 0x9c66000
> > brk(0x9c87000) = 0x9c87000
> > open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE)
= 3
> > fstat64(3, {st_mode=S_IFREG|0644, st_size=48513056, ...}) = 0
> > mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7d26000
> > close(3) = 0
> > open("/etc/nsswitch.conf", O_RDONLY) = 3
> > fstat64(3, {st_mode=S_IFREG|0644, st_size=1652, ...}) = 0
> mmap2(NULL,
> > 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
> > 0xb7d25000 read(3, "#\n# /etc/nsswitch.conf\n#\n# An ex"...,
4096) > > 1652
> > read(3, "", 4096) = 0
> > close(3) = 0
> > munmap(0xb7d25000, 4096) = 0
> > open("/etc/ld.so.cache", O_RDONLY) = 3
> > fstat64(3, {st_mode=S_IFREG|0644, st_size=37645, ...}) = 0
> > old_mmap(NULL, 37645, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7d1c000
> > close(3) = 0
> > open("/lib/libnss_files.so.2", O_RDONLY) = 3 read(3,
> >
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\33\0"..., 512)
> > 512
> > fstat64(3, {st_mode=S_IFREG|0755, st_size=45889, ...}) = 0
> > old_mmap(NULL, 41608, PROT_READ|PROT_EXEC,
> MAP_PRIVATE|MAP_DENYWRITE,
> > 3, 0) = 0x4b2000 old_mmap(0x4bb000, 8192, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x4bb000
> > close(3) = 0
> > munmap(0xb7d1c000, 37645) = 0
> > open("/etc/passwd", O_RDONLY) = 3
> > fcntl64(3, F_GETFD) = 0
> > fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
> > fstat64(3, {st_mode=S_IFREG|0644, st_size=1546, ...}) = 0
> mmap2(NULL,
> > 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
> > 0xb7d25000
> > _llseek(3, 0, [0], SEEK_CUR) = 0
> > read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 1546
> > fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0),
> > ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7d24000 write(1,
> > "root:x:0:0:root:/root:/bin/bash\n",
> > 32root:x:0:0:root:/root:/bin/bash
> > ) = 32
> > write(1, "bin:x:1:1:bin:/bin:/sbin/nologin"...,
> > 33bin:x:1:1:bin:/bin:/sbin/nologin
> > ) = 33
> > write(1, "daemon:x:2:2:daemon:/sbin:/sbin/"...,
> > 40daemon:x:2:2:daemon:/sbin:/sbin/nologin
> > ) = 40
> > write(1, "adm:x:3:4:adm:/var/adm:/sbin/nol"...,
> > 37adm:x:3:4:adm:/var/adm:/sbin/nologin
> > ) = 37
> > write(1, "lp:x:4:7:lp:/var/spool/lpd:/sbin"...,
> > 41lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
> > ) = 41
> > write(1, "sync:x:5:0:sync:/sbin:/bin/sync\n",
> > 32sync:x:5:0:sync:/sbin:/bin/sync
> > ) = 32
> > write(1, "shutdown:x:6:0:shutdown:/sbin:/s"...,
> > 45shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
> > ) = 45
> > write(1, "halt:x:7:0:halt:/sbin:/sbin/halt"...,
> > 33halt:x:7:0:halt:/sbin:/sbin/halt
> > ) = 33
> > write(1, "mail:x:8:12:mail:/var/spool/mail"...,
> > 47mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
> > ) = 47
> > write(1, "news:x:9:13:news:/etc/news:\n",
> > 28news:x:9:13:news:/etc/news:
> > ) = 28
> > write(1, "uucp:x:10:14:uucp:/var/spool/uuc"...,
> > 48uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
> > ) = 48
> > write(1, "operator:x:11:0:operator:/root:/"...,
> > 45operator:x:11:0:operator:/root:/sbin/nologin
> > ) = 45
> > write(1, "games:x:12:100:games:/usr/games:"...,
> > 46games:x:12:100:games:/usr/games:/sbin/nologin
> > ) = 46
> > write(1, "gopher:x:13:30:gopher:/var/gophe"...,
> > 48gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
> > ) = 48
> > write(1, "ftp:x:14:50:FTP User:/var/ftp:/s"...,
44ftp:x:14:50:FTP
> > User:/var/ftp:/sbin/nologin
> > ) = 44
> > write(1, "nobody:x:99:99:Nobody:/:/sbin/no"...,
> > 38nobody:x:99:99:Nobody:/:/sbin/nologin
> > ) = 38
> > write(1, "dbus:x:81:81:System message bus:"...,
> 48dbus:x:81:81:System
> > message bus:/:/sbin/nologin
> > ) = 48
> > write(1, "vcsa:x:69:69:virtual console mem"...,
> 61vcsa:x:69:69:virtual
> > console memory owner:/dev:/sbin/nologin
> > ) = 61
> > write(1, "rpm:x:37:37::/var/lib/rpm:/sbin/"...,
> > 40rpm:x:37:37::/var/lib/rpm:/sbin/nologin
> > ) = 40
> > write(1, "haldaemon:x:68:68:HAL daemon:/:/"...,
> > 45haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
> > ) = 45
> > write(1, "netdump:x:34:34:Network Crash Du"...,
> > 61netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
> > ) = 61
> > write(1, "nscd:x:28:28:NSCD Daemon:/:/sbin"...,
41nscd:x:28:28:NSCD
> > Daemon:/:/sbin/nologin
> > ) = 41
> > write(1, "sshd:x:74:74:Privilege-separated"...,
> > 67sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
> > ) = 67
> > write(1, "rpc:x:32:32:Portmapper RPC user:"...,
> > 48rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
> > ) = 48
> > write(1, "mailnull:x:47:47::/var/spool/mqu"...,
> > 50mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
> > ) = 50
> > write(1, "smmsp:x:51:51::/var/spool/mqueue"...,
> > 47smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
> > ) = 47
> > write(1, "rpcuser:x:29:29:RPC Service User"...,
> 60rpcuser:x:29:29:RPC
> > Service User:/var/lib/nfs:/sbin/nologin
> > ) = 60
> > write(1, "nfsnobody:x:65534:65534:Anonymou"...,
> > 70nfsnobody:x:65534:65534:Anonymous NFS
> > User:/var/lib/nfs:/sbin/nologin
> > ) = 70
> > write(1, "pcap:x:77:77::/var/arpwatch:/sbi"...,
> > 42pcap:x:77:77::/var/arpwatch:/sbin/nologin
> > ) = 42
> > write(1, "xfs:x:43:43:X Font Server:/etc/X"...,
> 52xfs:x:43:43:X Font
> > Server:/etc/X11/fs:/sbin/nologin
> > ) = 52
> > write(1, "pegasus:x:100:500:tog-pegasus Op"...,
> > 91pegasus:x:100:500:tog-pegasus OpenPegasus WBEM/CIM
> > services:/var/lib/Pegasus:/sbin/nologin
> > ) = 91
> > write(1, "postfix:x:89:89::/var/spool/post"...,
> > 50postfix:x:89:89::/var/spool/postfix:/sbin/nologin
> > ) = 50
> > write(1, "ntp:x:38:38::/etc/ntp:/sbin/nolo"...,
> > 36ntp:x:38:38::/etc/ntp:/sbin/nologin
> > ) = 36
> > read(3, "", 4096) = 0
> > open("/etc/ld.so.cache", O_RDONLY) = 4
> > fstat64(4, {st_mode=S_IFREG|0644, st_size=37645, ...}) = 0
> > old_mmap(NULL, 37645, PROT_READ, MAP_PRIVATE, 4, 0) = 0xb7d1a000
> > close(4) = 0
> > open("/lib/libnss_winbind.so.2", O_RDONLY) = 4 read(4,
> >
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0008\20\0"..., 512)
> > 512
> > fstat64(4, {st_mode=S_IFREG|0755, st_size=19545, ...}) = 0
> > old_mmap(NULL, 27516, PROT_READ|PROT_EXEC,
> MAP_PRIVATE|MAP_DENYWRITE,
> > 4, 0) = 0x593000 old_mmap(0x597000, 4096, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x597000
> > old_mmap(0x598000, 7036, PROT_READ|PROT_WRITE,
> > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x598000
> > close(4) = 0
> > munmap(0xb7d1a000, 37645) = 0
> > getpid() = 2782
> > lstat64("/tmp/.winbindd", {st_mode=S_IFDIR|0755,
> st_size=4096, ...}) > > 0 lstat64("/tmp/.winbindd/pipe",
{st_mode=S_IFSOCK|0777, st_size=0,
> > ...}) = 0
> > socket(PF_FILE, SOCK_STREAM, 0) = 4
> > fcntl64(4, F_GETFL) = 0x2 (flags O_RDWR)
> > fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0
> > fcntl64(4, F_GETFD) = 0
> > fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
> > connect(4, {sa_family=AF_FILE, path="/tmp/.winbindd/pipe"},
110) = 0
> > select(5, [4], NULL, NULL, {0, 0}) = 0 (Timeout)
> > write(4,
> > ",\7\0\0\0\0\0\0\336\n\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1836) = 1836
> > select(5, [4], NULL, NULL, {5, 0}) = 1 (in [4], left {5, 0})
> > read(4,
> >
"\24\5\0\0\2\0\0\0\v\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1300) = 1300
> > select(5, [4], NULL, NULL, {0, 0}) = 0 (Timeout)
> > write(4,
> >
",\7\0\0%\0\0\0\336\n\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1836) = 1836
> > select(5, [4], NULL, NULL, {5, 0}) = 1 (in [4], left {5, 0})
> > read(4,
> >
"C\5\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1300) = 1300
> > select(5, [4], NULL, NULL, {5, 0}) = 1 (in [4], left {5, 0})
> > read(4, "/usr/local/samba/var/locks/winbi"..., 47) = 47
> > lstat64("/usr/local/samba/var/locks/winbindd_privileged",
> > {st_mode=S_IFDIR|0750, st_size=4096, ...}) = 0
> >
lstat64("/usr/local/samba/var/locks/winbindd_privileged/pipe",
> > {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
> > socket(PF_FILE, SOCK_STREAM, 0) = 5
> > fcntl64(5, F_GETFL) = 0x2 (flags O_RDWR)
> > fcntl64(5, F_SETFL, O_RDWR|O_NONBLOCK) = 0
> > fcntl64(5, F_GETFD) = 0
> > fcntl64(5, F_SETFD, FD_CLOEXEC) = 0
> > connect(5, {sa_family=AF_FILE,
> >
> path="/usr/local/samba/var/locks/winbindd_privileged/pipe"}, 110)
= 0
> > close(4) = 0
> > select(6, [5], NULL, NULL, {0, 0}) = 0 (Timeout)
> > write(5,
> >
",\7\0\0\6\0\0\0\336\n\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1836) = 1836
> > select(6, [5], NULL, NULL, {5, 0}) = 1 (in [5], left {5, 0})
> > read(5,
> >
"\24\5\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1300) = 1300
> > select(6, [5], NULL, NULL, {0, 0}) = 0 (Timeout)
> > write(5,
> > ",\7\0\0\10\0\0\0\336\n\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1836) = 1836
> > select(6, [5], NULL, NULL, {5, 0}) = 1 (in [5], left
> {4, 162000})
> > read(5,
> >
"\24\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1300) = 1300
> > close(3) = 0
> > munmap(0xb7d25000, 4096) = 0
> > select(6, [5], NULL, NULL, {0, 0}) = 0 (Timeout)
> > write(5,
> >
",\7\0\0\7\0\0\0\336\n\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1836) = 1836
> > select(6, [5], NULL, NULL, {5, 0}) = 1 (in [5], left {5, 0})
> > read(5,
> >
"\24\5\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> > 1300) = 1300
> > munmap(0xb7d24000, 4096) = 0
> > exit_group(0) = ?
> > Process 2782 detached
> > [root@io samba]#
> >
> > As I can see getent talks to winbindd via its sockets:
> >
> > connect(5, {sa_family=AF_FILE,
> >
> path="/usr/local/samba/var/locks/winbindd_privileged/pipe"}, 110)
= 0
> >
> > But why the hell isn't it able to list the users??
> >
> >
> > Can anyone with a running configuration help me? Any ideas?
> >
> > Thanks
> > J?rg Horchler
> >
> _____________________________________________________________
>
> This email (including any attachments to it) is confidential, legally
> privileged, subject to copyright and is sent for the personal
> attention of the intended recipient only. If you have received this
> email in error, please advise us immediately and delete it. You are
> notified that disclosing, copying, distributing or taking any action
> in reliance on the contents of this information is strictly
> prohibited. Although we have taken reasonable precautions to ensure no
> viruses are present in this email, we cannot accept responsibility for
> any loss or damage arising from the viruses in this email or
> attachments. We exclude any liability for the content of this email,
> or for the consequences of any actions taken on the basis of the
> information provided in this email or its attachments, unless that
> information is subsequently confirmed in writing. If this email
> contains an offer, that should be considered as an invitation to
> treat.
> _____________________________________________________________
>