Re: [Samba] could not read attribute 'msSFU30UidNumber'

Tue, 24 Oct 2006 11:49:25 -0700

I cranked up the debug level of winbindd, so I have a bit more info on this. Should I file a bug on this? I'm pretty sure I'm not doing anything wrong. Here's the winbindd log from running wbinfo -S SID with the debug level set to 10. 
[2006/10/24 11:37:14, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 17
[2006/10/24 11:37:14, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2006/10/24 11:37:14, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(474) 
[    0]: request interface version
[2006/10/24 11:37:14, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2006/10/24 11:37:14, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(507) 
[    0]: request location of privileged pipe
[2006/10/24 11:37:14, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2006/10/24 11:37:14, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn SID_TO_UID
[2006/10/24 11:37:14, 3] nsswitch/winbindd_sid.c:winbindd_sid_to_uid(153)
[    0]: sid to uid S-1-5-21-1080779907-1917946211-1564786409-1362
[2006/10/24 11:37:14, 10] sam/idmap_util.c:idmap_sid_to_uid(70)
idmap_sid_to_uid: sid = [S-1-5-21-1080779907-1917946211-1564786409-1362]
[2006/10/24 11:37:14, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2006/10/24 11:37:14, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-1080779907-1917946211-1564786409-1362 of type 0x1 
[2006/10/24 11:37:14, 10] sam/idmap_tdb.c:internal_get_id_from_sid(187)
internal_get_id_from_sid: record S-1-5-21-1080779907-1917946211-1564786409-1362 not found 
[2006/10/24 11:37:14, 10] sam/idmap_util.c:idmap_sid_to_uid(70)
idmap_sid_to_uid: sid = [S-1-5-21-1080779907-1917946211-1564786409-1362]
[2006/10/24 11:37:14, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2006/10/24 11:37:14, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-1080779907-1917946211-1564786409-1362 of type 0x1 
[2006/10/24 11:37:14, 10] sam/idmap_tdb.c:internal_get_id_from_sid(187)
internal_get_id_from_sid: record S-1-5-21-1080779907-1917946211-1564786409-1362 not found [2006/10/24 11:37:14, 10] nsswitch/winbindd_util.c:find_lookup_domain_from_sid(665) 
find_lookup_domain_from_sid(S-1-5-21-1080779907-1917946211-1564786409-1362)
[2006/10/24 11:37:14, 10] nsswitch/winbindd_util.c:find_lookup_domain_from_sid(675) 
calling find_our_domain
[2006/10/24 11:37:14, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1995) 
Retrieving response for pid 29815
[2006/10/24 11:37:14, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1995) 
Retrieving response for pid 29820
[2006/10/24 11:37:14, 5] nsswitch/winbindd_async.c:idmap_sid2uid_recv(232)
sid2uid returned an error
[2006/10/24 11:37:14, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1995) 
Retrieving response for pid 29820
[2006/10/24 11:37:14, 5] nsswitch/winbindd_async.c:idmap_sid2uid_recv(232)
sid2uid returned an error
[2006/10/24 11:37:14, 5] nsswitch/winbindd_async.c:sid2uid_alloc_recv(1228)
Could not allocate uid
[2006/10/24 11:37:14, 5] nsswitch/winbindd_sid.c:sid2uid_recv(188)
Could not convert sid S-1-5-21-1080779907-1917946211-1564786409-1362 




Hi,  

I'm using samba 3.0.23c, and having a bit of trouble getting it to play 
nice with my active directory. I'm using Windows Small Business Server 
2003 with the SFU 3.5 NIS server/schema extensions installed. I have samba 
configured to use ad as the idmap backend, and sfu for nss info.  

When running getent passwd, only a few active directory users show up, and 
I get lots of errors like this in my winbind log:  


[2006/10/20 15:33:49, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309)

ad_idmap_get_id_from_sid: ads_pull_uint32: could not read attribute 
'msSFU30UidNumber'
[2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(85) 
error getting user id for sid 
S-1-5-21-1020778807-1917943211-1564386419-1158

[2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_getpwent(711)

could not lookup domain user TestUser  


wbinfo -u prints out all my users
wbinfo -g prints out all my groups
getent group prints out all my groups and their unix IDs

getent -r username seems to get the correct user group unix ids for all 
the users, even the ones that don't see to be able to have their SID 
converted to a UID.  

Anyone have any ideas?  

The most relevant section of my smb.conf is  


encrypt passwords = yes
 idmap uid = 10000-20000
 idmap gid = 10000-20000
 idmap backend = ad
 winbind enum users = yes
 winbind enum groups = yes
 winbind nss info = sfu
 winbind use default domain = yes

 winbind separator = #  




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba






















					Reply via email to