Kent Wick
2006-Apr-26 14:10 UTC
[Samba] Many msgs log.winbindd about "group xxxxx in domain yyyyy does not exist"
I am seeing many, many msgs in log.winbindd with the following text:
[2006/04/14 08:54:29, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(255)
group system in domain AIXSAMBA does not exist
Would anybody be able to point me in the right direction to determine what this
is complaining about?
One area I do not understand is why it is complaining about AIXSAMBA (the
NETBIOS name).
There is an entry in /etc/group for the "system" group (GID = 0).
I do have some directories in one of the samba shares with an acl set as
follows:
*
* ACL_type AIXC
*
attributes:
base permissions
owner(root): rwx
group(win_domain_users): rwx
others: r-x
extended permissions
enabled
permit rwx g:system
Environment:
AIX 5.3: long names enabled (31 char including ending zero), using pam for
authentication
Samba 3.0.22 (compiled from source), configure options were:
--with-pam --with-acl-support --with-aio-support --with-winbind
smb.conf contents:
[global]
workgroup = ERSSECURITY
netbios name = AIXSAMBA
server string = Samba3
security = DOMAIN
log file = /usr/local/samba/var/log.%m
log level = 1
algorithmic rid base = 500000
winbind uid = 100001-500000
winbind gid = 100001-500000
[denali_d]
path = /samba/denali01
acl group control = yes
create mask = 0775
directory mask = 2775
# force group = win_domain_cntlr
# inherit acls = yes
inherit permissions = yes
read only = no
writeable = yes
guest ok = no
admin users = @win_domain_admin
[denali_f]
path = /samba/denali02
acl group control = yes
create mask = 0775
directory mask = 2775
force group = win_domain_admin
# inherit acls = yes
inherit permissions = yes
read only = no
writeable = yes
guest ok = no
admin users = @win_domain_admin
Results from wbinfo -g:
BUILTIN\system operators
BUILTIN\administrators
followed by all the groups in the WinNT PDC domain.
Results from "net groupmap list":
System Operators (S-1-5-32-549) -> win_sys_oper
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Domain Controllers (S-1-5-21-1748253822-1525897820-1959552931-3641) ->
win_domain_cntlr
Domain Admins (S-1-5-21-3484108990-1107034133-219603564-512) ->
win_domain_admin
Domain Guests (S-1-5-21-3484108990-1107034133-219603564-514) -> -1
Power Users (S-1-5-32-547) -> -1
Domain Users (S-1-5-21-3484108990-1107034133-219603564-513) ->
win_domain_users
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> win_administrator
Account Operators (S-1-5-32-548) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1
The "win_xxxxx" groups above are in the /etc/group file as:
win_sys_oper:!:5001:
win_domain_admin:!:5002:user1,user2,user3,user4
win_administrator:!:5003:user1,user2
win_domain_users:!:5004:user5,user6,user7,user3,user1,usert,user2,user8
win_domain_cntlr:!:5005:
Thanks for any assistance/advice that y'all can provide.
K Wick, Texas Emp Retirement Syst
Phone: 512-867-7325
Possibly Parallel Threads
- Windows 2000 Terminal Server Environment
- 6393049 in.ndpd[XXXXX]: phyint_init_from_k: SIOCSLIFLNKINFO (interface ip6.tunN): Invalid argument
- len xxxxx deyond eof at 8192
- "Couldn't load variables.txt?aldope=xxxxx "
- child xxxxx (imap) returned error 83 (Out of memory)
Wisdom of the Ancients
