While investigating an unrelated issue I discovered that winbind is
completely confused or corrupt on one machine, a domain member server
running Samba 3.0.34:
# wbinfo -u
NAS\backup-private
NAS\backup-public
...
administrator
guest
michaell
...
administrator
administrator
michaell
...
administrator
administrator
guest
Segmentation fault
NAS is the name of the domain member server; the name of the domain,
HQ, isn't shown for the other accounts. ("winbind use default
domain"
is "yes".) Accounts from the domain controller are obviously and
incorrectly repeated several times. I noticed this a day or two ago;
at the time there was no segmentation fault, but there were blank
lines between some users. Hmmm. (I'll include the NAS smb.conf file
below. You might notice that it's using the smbpasswd backend. This is
a commercial product; it came configured that way.)
No other machines on the network show anything like this, so I'm
assuming the problem is local to the one computer. Is it
mis-configuration or corruption or both? (tdbdump doesn't complain
about any tdb files, so perhaps any corruption would be logical rather
than physical?)
I have forced the following files to be re-created:
/var/lib/samba/idmap_cache.tdb
/var/lib/samba/winbind_cache.tdb
/var/lib/samba/winbind_idmap.tdb
Many files in that dir haven't been modified since 2007; the ones that
have been are:
/var/lib/samba/brlock.tdb
/var/lib/samba/browse.dat
/var/lib/samba/locking.tdb
/var/lib/samba/messages.tdb
/var/lib/samba/notify.tdb
/var/lib/samba/registry.tdb
/var/lib/samba/sessionid.tdb
/var/lib/samba/unexpected.tdb
Any ideas about where I might go looking? What would cause wbinfo to
process a domain more than once?
Thanks!
==
[global]
allow trusted domains = 1
delete readonly = 1
delete veto files = 1
dos charset = CP437
encrypt passwords = 1
follow symlinks = 1
force unknown acl user = 1
force writeback = 1
guest account = nobody
hostname lookups = 1
idmap gid = 35000-65000
idmap uid = 35000-65000
level2 oplocks = 0
load printers = 1
log level = 0 auth:2
map acl inherit = 1
max log size = 256
name resolve order = "lmhosts host wins bcast"
null passwords = 1
obey pam restrictions = 1
oplocks = 0
orgunit passwd program = "/usr/bin/passwd %u"
password server = *
preserve case = 1
security = domain
server string short preserve case = 1
store dos attributes = 1
syslog = 0
syslog only = 0
template homedir = /c/home/%D/%U
unix charset = UTF-8
unix password sync = 1
veto files =
"/.AppleDouble/.AppleDB/.AppleDesktop/:2eDS_Store/:2eTemporaryItems/TheVolumeSettingsFolder/TheFindByContentFolder/Network
Trash Folder/Temporary Items/"
winbind use default domain = 1
wins server = 192.168.10.10
workgroup = HQ