samba - Aug 2004 - wbinfo -u does not work on local samba pdc

Hello,

I've got a problem with a (local) samba PDC (3.0.6) and wbinfo -u. 

$ wbinfo -u only gives me:
Error looking up domain users

$ wbinfo -g only gives me builtin groups:
BUILTIN\System Operators
BUILTIN\Replicators
BUILTIN\Guests
BUILTIN\Power Users
BUILTIN\Print Operators
BUILTIN\Administrators
BUILTIN\Account Operators
BUILTIN\Backup Operators
BUILTIN\Users

but:
$ net groupmap list
System Operators (S-1-5-32-549) -> -1
Domain Admins (S-1-5-21-1271412688-1617304077-3128757989-512) -> smbadm
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> nogroup
Power Users (S-1-5-32-547) -> -1
Domain Users (S-1-5-21-1271412688-1617304077-3128757989-513) -> users
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Account Operators (S-1-5-32-548) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> users
Domain Guests (S-1-5-21-1271412688-1617304077-3128757989-514) -> nogroup

$ net rpc testjoin
Join to 'MEH' is OK

$ wbinfo -p
Ping to winbindd succeeded on fd 4

$ wbinfo -t
checking the trust secret via RPC calls succeeded

So, to me this sounds ok, but why wbinfo doesn't work correctly either?!
To clear that up: I'm running wbinfo on the same machine the samba pdc does
run.

winbind use default domain = yes
idmap uid = 15000-20000
idmap gid = 15000-20000
wins support = yes   
os level = 35
preferred master = yes
domain master = yes
local master = yes
security = user
workgroup = MEH

Kind regards,
Christian

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Christian Stuellenberg wrote:

| I've got a problem with a (local) samba PDC (3.0.6)
| and wbinfo -u.
|
| $ wbinfo -u only gives me:
| Error looking up domain users
|

WInbindd running on a Samba DC should only return the users
from trusted domains.  So the error message is a little
misleading.

use pdbedit -L to list users in the Samba domain.




cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBMzVYIR7qMdg1EfYRArq7AJ9mGTCGkW+W9xjyIJifDEEG9X8nnwCg8mkA
8aa2WDCpv5RE+UNHG4GbqD4=Tf7W
-----END PGP SIGNATURE-----

Jerry,
> WInbindd running on a Samba DC should only return the users
> from trusted domains.  So the error message is a little
> misleading.
indeed. 

I am still a little confused whether it makes sense to run winbind on
DCs when there are no trusted domains.

regards, Gunther

-- 
Gunther Schlegel                    Riege Software International GmbH
Manager System Administration                            Mollsfeld 10
                                             40670 Meerbusch, Germany
Email: schlegel@riege.de                      Phone: +49-2159-9148-0
                                              Fax:   +49-2159-9148-11
---------------------------------------------------------------------

Disclaimer:
You may grab my GPG key from http://www.keyserver.net .
A nonproportional font is recommended for reading.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20040831/c2db23f4/attachment.bin