hello we got a serious problem with samba 223 and winbind i didn't find alot about on the net so I thought it could be interesting to tell you we have a file server w/ mandrake 8.0, a custom kernel 2.4.18 with quotas, acls, and a custom samba 2.2.3 with quotas, acl, and winbind. samba forwards auth to an NT PDC. FS rights are given on domain user names. there are quite a lot users, ca 2000. a few days ago we noticed that smbstatus -b gave numeric information instead of username. then we saw that more and more files in user directories had no more valid owner name when doing an "ls -l". we also noticed that the UIDs being assigned by winbind were going higher and higher : it shouldn't have gone above 12000-13000 (10000 + number of SIDs in the NT domain) but it quickly reached more than 18000. we thought that it was a winbind bug, and decided to migrate rapidly to 2.2.7 (another server, with the same h/w and s/w conf except samba version, is working fine, in another domain and another set of users, say ca 1500). as everything was compatible we just copied the whole samba tree but var/locks, where winbind databases reside. we thought that even if a lot of uids were lost, the most important thing was to keep each owner's rights. unfortunately this didn't solve the problem, winbind was still allocating UIDs, and a while ago we got new problems : thought users had a valid account, they couldn't access to their shares anymore, getting an invalid account answer. working with wbinfo, i saw that i could get the right answer when querying a SID from a name (wbinfo -n), and a name from a SID (-s), but when querying a UID from a SID (-S) I got the error "Could not convert sid ###-...-### to uid". this was forbidding new connections. we stopped samba, cleared var/locks and restarted it then we gave manually (well, with a set of scripts, actually) all the rights to all the files. hopefully each user could write in his own dir only, and we could associate the name of the dir and the name of the user. we were indeed very lucky from this point of view. conversly, I hope this will be enough to solve the problem, or else it would mean that we could get the same problem on the other server (which was launched with 2.2.7) I'd appreciate a lot any info, either confirming this is a bug or explaining what kind of situation could have make this happen. tia - * - * - * - * - * - * - Bien s?r que je suis perfectionniste ! Mais ne pourrais-je pas l'?tre mieux ? Thierry ITTY eMail : Thierry.Itty@Besancon.org FRANCE