Tim
2015-Feb-25 09:31 UTC
[Samba] getent passwd not return the same number of records from a call to another call
I know that ID. I had this 70001 too sometime. It was a cache problem. Try "net cache flush" and after this getent once more. This should work. Regards Tim Am 25. Februar 2015 09:45:40 MEZ, schrieb "Herv? H?noch" <h.henoch at isc84.org>:>Both groups are Samba groups > >wbinfo --group-info gives for each group : >GID of domain users is 513 >GID of info is 3000023 > >Why if I change the range I always see the same GID with winbind on the > >member (example : 700001) ? > >Le 25/02/2015 09:32, L.P.H. van Belle a ?crit : >> really, this getent with grep should not return anyting. >> >> because : 700001 is not 70001 ;-) >> >>> getent group | grep 700001 gives : >>> domain users:x:70001: >>> info:x:70001:toto,titi,tutu >> exist both groups only in the AD DC directory, or are ther also linux >groups here. >> are both assigned a GID how? >> >> Greetz, >> >> Louis >> >> >>> -----Oorspronkelijk bericht----- >>> Van: h.henoch at isc84.org [mailto:samba-bounces at lists.samba.org] >>> Namens Herv? H?noch >>> Verzonden: woensdag 25 februari 2015 9:19 >>> Aan: Tim; samba at lists.samba.org >>> Onderwerp: Re: [Samba] getent passwd not return the same >>> number of records from a call to another call >>> >>> Here is my smb.conf (on member domain) : >>> >>> idmap config * : backend = tdb >>> idmap config * : range = 2000-9999 >>> idmap config * : schema_mode = rfc2307 >>> idmap config DOMAIN : backend = ad >>> idmap config DOMAIN : schema-_mode = rfc2307 >>> idmap config DOMAIN : range = 10000-999999 >>> >>> winbind nss info = rfc2307 >>> winbind trusted domains only = no >>> winbind use default domain = yes >>> winbind enum users = yes >>> winbind enum groups = yes >>> winbind refresh tickets = yes >>> >>> getent group | grep 700001 gives : >>> domain users:x:70001: >>> info:x:70001:toto,titi,tutu >>> >>> Same group id !!! >>> >>> >>> >>> Le 24/02/2015 21:34, Tim a ?crit : >>>> Hello Herv?, >>>> >>>> what's your way of resolution? Are you using winbind, sssd,...? >>>> >>>> Regards >>>> Tim >>>> >>>> Am 24. Februar 2015 20:53:15 MEZ, schrieb "Herv? H?noch" >>>> <h.henoch at isc84.org>: >>>> >>>> Hello >>>> >>>> On AD Server : >>>> -------------------- >>>> >>>> We have migrated from S3 to S4 with samba-tools >>> classicupgrade. All is >>>> ok : bind9, winbind but getent has a strange behavior. >>>> >>>> getent passwd doesn't return the same number of records. >>> So a AD user >>>> can be not present in the response of getent !!!! >>>> >>>> it can have a big difference of records returned from a >>> call to another >>>> call of getent passwd ... >>>> >>>> On the other hand, wbinfo -u returns always the same >>> number of records. >>>> What can be the problem ? >>>> >>>> (I'm on a debian jessie, rfc2307 is on, and the >>> installation of samba >>>> has been done by apt-get ... ) >>>> >>>> >>>> On AD domain member : >>>> >>> --------------------------------------------------------------- >>> --------- >>>> >>>> We have the same problem (same distribution and installation). >>>> Futhermore, "getent group" returns some groups with the same >ID. >>>> >>>> Maybe problems are bounded. >>>> >>>> >>>> Regards >>>> >>> -- >>> >>> Herv? H?noch >>> Responsable informatique >>> Institut Sainte Catherine >>> 250 chemin de Baigne-Pieds >>> CS 80005 ? 84918 AVIGNON cedex 9 >>> T?l?phone : 04.90.27.57.44 >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba >>> > >-- > >Herv? H?noch >Responsable informatique >Institut Sainte Catherine >250 chemin de Baigne-Pieds >CS 80005 ? 84918 AVIGNON cedex 9 >T?l?phone : 04.90.27.57.44 >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba
Hervé Hénoch
2015-Feb-25 10:47 UTC
[Samba] getent passwd not return the same number of records from a call to another call
Yes it is good !!!! But I don't understand why a reboot does not do the same thing or a remove of the tdb files in /var/lib/samba too ? We have done that without any changes !!! Le 25/02/2015 10:31, Tim a ?crit :> I know that ID. I had this 70001 too sometime. It was a cache problem. > Try "net cache flush" and after this getent once more. > This should work. > > Regards > Tim > > Am 25. Februar 2015 09:45:40 MEZ, schrieb "Herv? H?noch" > <h.henoch at isc84.org>: > > Both groups are Samba groups > > wbinfo --group-info gives for each group : > GID of domain users is 513 > GID of info is 3000023 > > Why if I change the range I always see the same GID with winbind on the > member (example : 700001) ? > > Le 25/02/2015 09:32, L.P.H. van Belle a ?crit : > > really, this getent with grep should not return anyting. > because : 700001 is not 70001 ;-) > > getent group | grep 700001 gives : domain users:x:70001: > info:x:70001:toto,titi,tutu > > exist both groups only in the AD DC directory, or are ther > also linux groups here. are both assigned a GID how? Greetz, > Louis > > -----Oorspronkelijk bericht----- Van: h.henoch at isc84.org > [mailto:samba-bounces at lists.samba.org] Namens Herv? H?noch > Verzonden: woensdag 25 februari 2015 9:19 Aan: Tim; > samba at lists.samba.org Onderwerp: Re: [Samba] getent passwd > not return the same number of records from a call to > another call Here is my smb.conf (on member domain) : > idmap config * : backend = tdb idmap config * : range > 2000-9999 idmap config * : schema_mode = rfc2307 idmap > config DOMAIN : backend = ad idmap config DOMAIN : > schema-_mode = rfc2307 idmap config DOMAIN : range > 10000-999999 winbind nss info = rfc2307 winbind trusted > domains only = no winbind use default domain = yes winbind > enum users = yes winbind enum groups = yes winbind refresh > tickets = ye s getent group | grep 700001 gives : domain > users:x:70001: info:x:70001:toto,titi,tutu Same group id > !!! Le 24/02/2015 21:34, Tim a ?crit : > > Hello Herv?, what's your way of resolution? Are you > using winbind, sssd,...? Regards Tim Am 24. Februar > 2015 20:53:15 MEZ, schrieb "Herv? H?noch" > <h.henoch at isc84.org>: Hello On AD Server : > -------------------- We have migrated from S3 to S4 > with samba-tools > > classicupgrade. All is > > ok : bind9, winbind but getent has a strange behavior. > getent passwd doesn't return the same number of records. > > So a AD user > > can be not present in the response of getent !!!! it > can have a big difference of records returned from a > > call to another > > call of getent passwd ... On the other hand, wbinfo -u > returns always the same > > number of records. > > What can be the problem ? (I'm on a debian jessie, > rfc2307 is on, and the > > installation of samba > > has been done by apt-get ... ) On AD domain member : > > ------------------------------------------------------------------------ > --------- > > We have the same problem (same distribution and > installation). Futhermore, "getent group" returns some > groups with the same ID. Maybe problems are bounded. > Regards > > -- Herv? H?noch Responsable informatique Institut Sainte > Catherine 250 chemin de Baigne-Pieds CS 80005 ? 84918 > AVIGNON cedex 9 T?l?phone : 04.90.27.57 > <http://4.90.27.57>.44 -- To unsubscribe from this list go > to the following URL and read the instructions: > https://lists.samba.org/mailman/options/samba >-- Herv? H?noch Responsable informatique Institut Sainte Catherine 250 chemin de Baigne-Pieds CS 80005 ? 84918 AVIGNON cedex 9 T?l?phone : 04.90.27.57.44
Tim
2015-Feb-25 13:31 UTC
[Samba] getent passwd not return the same number of records from a call to another call
I don't really remember where I found this. But I'm pretty sure, I found it in the winbind logs - something like /var/log/samba/log.winbind*. I grepped 70001 out of it et voila: A user - administrator in my case - got that ID. net cache flush resolved that problem. Today I'm using SSSD. It's got a cache too which can be expired/released with a command like "sss_cache -UG" for users and groups. Regards Tim Am 25.02.2015 11:47, schrieb Herv? H?noch:> Yes it is good !!!! > > But I don't understand why a reboot does not do the same thing or a > remove of the tdb files in /var/lib/samba too ? We have done that > without any changes !!! > > > Le 25/02/2015 10:31, Tim a ?crit : >> I know that ID. I had this 70001 too sometime. It was a cache problem. >> Try "net cache flush" and after this getent once more. >> This should work. >> >> Regards >> Tim >> >> Am 25. Februar 2015 09:45:40 MEZ, schrieb "Herv? H?noch" >> <h.henoch at isc84.org>: >> >> Both groups are Samba groups >> >> wbinfo --group-info gives for each group : >> GID of domain users is 513 >> GID of info is 3000023 >> >> Why if I change the range I always see the same GID with winbind >> on the >> member (example : 700001) ? >> >> Le 25/02/2015 09:32, L.P.H. van Belle a ?crit : >> >> really, this getent with grep should not return anyting. >> because : 700001 is not 70001 ;-) >> >> getent group | grep 700001 gives : domain users:x:70001: >> info:x:70001:toto,titi,tutu >> exist both groups only in the AD DC directory, or are ther >> also linux groups here. are both assigned a GID how? Greetz, >> Louis >> >> -----Oorspronkelijk bericht----- Van: h.henoch at isc84.org >> [mailto:samba-bounces at lists.samba.org] Namens Herv? H?noch >> Verzonden: woensdag 25 februari 2015 9:19 Aan: Tim; >> samba at lists.samba.org Onderwerp: Re: [Samba] getent passwd >> not return the same number of records from a call to >> another call Here is my smb.conf (on member domain) : >> idmap config * : backend = tdb idmap config * : range >> 2000-9999 idmap config * : schema_mode = rfc2307 idmap >> config DOMAIN : backend = ad idmap config DOMAIN : >> schema-_mode = rfc2307 idmap config DOMAIN : range >> 10000-999999 winbind nss info = rfc2307 winbind trusted >> domains only = no winbind use default domain = yes winbind >> enum users = yes winbind enum groups = yes winbind refresh >> tickets = ye s getent group | grep 700001 gives : domain >> users:x:70001: info:x:70001:toto,titi,tutu Same group id >> !!! Le 24/02/2015 21:34, Tim a ?crit : >> >> Hello Herv?, what's your way of resolution? Are you >> using winbind, sssd,...? Regards Tim Am 24. Februar >> 2015 20:53:15 MEZ, schrieb "Herv? H?noch" >> <h.henoch at isc84.org>: Hello On AD Server : >> -------------------- We have migrated from S3 to S4 >> with samba-tools >> classicupgrade. All is >> >> ok : bind9, winbind but getent has a strange behavior. >> getent passwd doesn't return the same number of records. >> So a AD user >> >> can be not present in the response of getent !!!! it >> can have a big difference of records returned from a >> call to another >> >> call of getent passwd ... On the other hand, wbinfo -u >> returns always the same >> number of records. >> >> What can be the problem ? (I'm on a debian jessie, >> rfc2307 is on, and the >> installation of samba >> >> has been done by apt-get ... ) On AD domain member : >> >> ------------------------------------------------------------------------ >> --------- >> >> We have the same problem (same distribution and >> installation). Futhermore, "getent group" returns some >> groups with the same ID. Maybe problems are bounded. >> Regards >> >> -- Herv? H?noch Responsable informatique Institut Sainte >> Catherine 250 chemin de Baigne-Pieds CS 80005 ? 84918 >> AVIGNON cedex 9 T?l?phone : 04.90.27.57 >> <http://4.90.27.57>.44 -- To unsubscribe from this list go >> to the following URL and read the instructions: >> https://lists.samba.org/mailman/options/samba >> >
Seemingly Similar Threads
- getent passwd not return the same number of records from a call to another call
- getent passwd not return the same number of records from a call to another call
- getent passwd not return the same number of records from a call to another call
- getent passwd not return the same number of records from a call to another call
- Can add with net rpc command but NOT with dsa.msc