Hello all,
I have a strange problem that I'd like advice on. Here I run
several samba servers as home directory and print servers for an NT 4.0 (sp6a)
domain. The domains relevant to this problem are CANNING and STUDENT.
The STUDENT domain trusts users in the CANNING domain.
My samba server is RedHat 6.2 (+ updates) running samba 2.2.7 (built today).
I upgraded because of a different problem which has been resolved.
I believe that the problem is to my winbind_idmap.tdb file.
The problem is that if I ask to a "passwd" entry for a winbind user
via name it works but via uid it fails. Now currently there are only about
12 users that aren't working correctly.
for example:
Working:
[root@danish /tmp]# perl -e "print join('
',getpwnam('STUDENT_0251347')),$/"
STUDENT_0251347 x 15983 10001 Wing Pui Ma /NTAccounts/homes/STUDENT/0251347
/bin/false
[root@danish /tmp]# perl -e "print join('
',getpwuid(15983)),$/"
STUDENT_0251347 x 15983 10001 Wing Pui Ma /NTAccounts/homes/STUDENT/0251347
/bin/false
[root@danish /tmp]#
Not Working:
[root@danish /tmp]# perl -e "print join('
',getpwnam('STUDENT_0251040')),$/"
STUDENT_0251040 x 10196 10001 Anthea Simpson
/NTAccounts/homes/STUDENT/0251040 /bin/false
[root@danish /tmp]# perl -e "print join('
',getpwuid(10196)),$/"
[root@danish /tmp]#
I did a little further digging and I see, for all the accounts that don't
correctly uid->name map I also cannot uid->sid map. ie:
Working:
[root@danish samba]# wbinfo -U 15983
S-1-5-21-1201230140-1892445974-1082013118-3961
Not Working:
[root@danish samba]# wbinfo -U 10196
Could not convert uid 10196 to sid
For all the entries that cannot map uid->sid I also get a line in
windbindd.log:
[2002/11/22 13:22:59, 1] nsswitch/winbindd_sid.c:winbindd_uid_to_sid(178)
Could not convert uid 10196 to rid
I have verified that the users that don't work correctly do exist on the NT
domain. eg:
Administrator@MUFFIN ~/sid-utils/sid
$ ./user2sid.exe 0251040
S-1-5-21-1201230140-1892445974-1082013118-2265
Number of subauthorities is 5
Domain is STUDENT
Length of SID in memory is 28 bytes
Type of SID is SidTypeUser
Administrator@MUFFIN ~/sid-utils/sid
[root@danish nsswitch]# wbinfo -n STUDENT_0251040
S-1-5-21-1201230140-1892445974-1082013118-2265 1
So basically I'm guessing that means somehow my winbindd_idmap.tdb is
confused. Does anyone know how I can fix this problem?
Yours Tony
Jan 22-25 2003 Linux.Conf.AU http://linux.conf.au/
The Australian Linux Technical Conference!
