samba - Mar 2007 - winbindd logging problem, filling up log filesystem

Greetings all...

I'm new to the list -- hope to be a contributor, as I've been using and
teaching Samba for decades now (I used to be the author of the
"advanced"
UNIX course for Learning Tree International -- until they "retired"
it).

I've scoured the archives and haven't been able to find any example that
matches my problem, so I'm here first to solve a problem. If I can help
answer others questions along the way, I'll have paid my dues.

Background: Our enviroment is mixed Win2K3 & Linux (RHEL 4). Win2K3 is the
sole AD server, and the linux system does virtually all of the file
storage. There are 40 or so users at any given time. Samba is installed
using the RPM supplied from RHN, and we're at 3.0.24-1. Winbind is started
at the same time (same script) as the rest of Samba, so there is no
appreciable delay from when users have access and when winbind can
validate the access.

The AD Domain is named pdr.local & the samba netbios name is SERVER (these
are relevant below).

Problem: We're getting log file entries virtually every new system access
because winbindd is attempting to use the server netbios name as a domain
name.
The error text is:
[2007/03/14 14:30:46, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(259)
  group 10002 in domain SERVER does not exist

NOTE: Users are NOT being denied access, its just that these error
messages, with so many users, are generating very large log files...
currently, we keep 5 weeks of log files around for security tracking, if
necessary. The winbind.log files are exceeding 200 MB in a week! (my /var
partition is only 1 GB, so you can see the problem!)

Is there really a problem here, or do I need to run a nightly script and
take out the lines that complain about UID 10002 (which maps to a
perfectly valid "PDR+Domain Users" on the AD server)????

All comments welcome.

Dan

-- 


Dan McAllister, President
IT4SOHO, LLC