Jonathan C. Detert
2006-Aug-10 14:07 UTC
[Samba] winbind: group name doesn't map to a SID, but gid does
I'm using winbind v3.0.22 on Debian Linux as a source for nss info.
I have a group that was once known by winbind, but is no more:
------ beging shell except ------
# ls -ld ./
drwxrws--- 10 root $MND000-TT227MV5K24I 4096 2006-05-10 15:41 ./
#
------ end shell except ------
It must have been known, as I was the one who chgrp'ed the dir
originally.
I know what the group name is supposed to be. When I look it up in
MsAD UsersNGroups, I see it has unix attribute gid = 29922.
"wbinfo -G 29922" produces the sid.
"wbinfo -s <thesid>" produces:
the group's RID shown above, with domain name prefixed, and "
2"
suffixed.
"wbinfo -n <posixgroupname>" produces:
"Could not lookup name <posixgroupname>"
Pertinent smb.conf entries:
winbind enum groups = yes
winbind enum users = yes
winbind nested groups = yes
winbind separator = +
winbind use default domain = yes
winbind nss info = sfu
idmap gid = 500-45000
idmap uid = 500-45000
idmap backend = ad
Any idea what is wrong? I restarted winbind, but that didn't help. I
stopped winbind, removed the winbindd_idmap.tdb, and then restarted
winbind, but the groupname is still not found.
--
Happy Landings,
Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.
Jonathan C. Detert
2006-Aug-10 14:18 UTC
[Samba] winbind: group name doesn't map to a SID, but gid does
* Jonathan C. Detert <detertj@msoe.edu> [060810 09:09]:> I'm using winbind v3.0.22 on Debian Linux as a source for nss info. > I have a group that was once known by winbind, but is no more:> ------ beging shell except ------ > # ls -ld ./ > drwxrws--- 10 root $MND000-TT227MV5K24I 4096 2006-05-10 15:41 ./problem solved: the group in question had the attribute 'name' set to the group name I expected, but the attribute 'samAccountName' was set to the group RID shown above. Once I set the 'samAccountName' to the same value, wbinfo -n <groupname> works fine. - JD> # > ------ end shell except ------ > > It must have been known, as I was the one who chgrp'ed the dir > originally. > > I know what the group name is supposed to be. When I look it up in > MsAD UsersNGroups, I see it has unix attribute gid = 29922. > > "wbinfo -G 29922" produces the sid. > > "wbinfo -s <thesid>" produces: > the group's RID shown above, with domain name prefixed, and " 2" > suffixed. > > "wbinfo -n <posixgroupname>" produces: > "Could not lookup name <posixgroupname>" > > Pertinent smb.conf entries: > > winbind enum groups = yes > winbind enum users = yes > winbind nested groups = yes > winbind separator = + > winbind use default domain = yes > winbind nss info = sfu > idmap gid = 500-45000 > idmap uid = 500-45000 > idmap backend = ad > > Any idea what is wrong? I restarted winbind, but that didn't help. I > stopped winbind, removed the winbindd_idmap.tdb, and then restarted > winbind, but the groupname is still not found. > -- > Happy Landings, > > Jon Detert > IT Systems Administrator, Milwaukee School of Engineering > 1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba-- Happy Landings, Jon Detert IT Systems Administrator, Milwaukee School of Engineering 1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.