-Messaggio originale-
Da: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Inviato: giovedì 10 maggio 2007 17.23
A: Gianluca Culot
Cc: [EMAIL PROTECTED] Samba. Org
Oggetto: Re: R: R: R: [Samba] LS not showing AD owner username and
groupname
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gianluca Culot wrote:
well this
mail# ~ perl -e '@user = getpwuid(10); print @user\n;'
give
empty line
as result
Same getgrgid
could be my UID database for samba is corrupted ?
I've upgraded from 14b... and something in configuration changed.
but I supposed samba would adjust automatically UIDs and
that eventually I'd change the ownership of home directories
for my email users
well
thanks A LOT for your great helping. I banged my head
on this problem for whole day long and learned a lot about
samba... I'll resume tomorrow (Central Europe Time)
Look for things like nscd reset the cache. Also turn
up logging in smb.conf and look at the log.{wb,winbind}*
log files for clues.
cheers, jerry
=
Samba--- http://www.samba.org
Centeris --- http://www.centeris.com
What man is a man who does not make the world better? --Balian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGQzjbIR7qMdg1EfYRAg8uAKCXLn7WK6lv/yAaMCXrD/tlYdsgmQCgqmhM
okPYuAQlCj5rswvhar5uR3g=
=FEiW
-END PGP SIGNATURE-
That's getting HARD
Yesterday I raised the log... and... Now I have a lot
YET almost NO ERROR, excluded failed password entries by users.
the only anomalous line is Failed to enumerate local groups!
[2007/05/11 09:56:35, 3]
nsswitch/winbindd_group.c:get_sam_group_entries(610)
get_sam_group_entries: Failed to enumerate domain local groups!
[2007/05/11 09:56:35, 3] nsswitch/winbindd_group.c:winbindd_getgrent(659)
[0]: getgrent
[2007/05/11 09:56:35, 3]
nsswitch/winbindd_group.c:winbindd_setgrent_internal(465)
[0]: setgrent
[2007/05/11 09:56:43, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[0]: request interface version
[2007/05/11 09:56:43, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[0]: request location of privileged pipe
[2007/05/11 09:56:43, 3] nsswitch/winbindd_group.c:winbindd_getgrgid(430)
[0]: getgrgid 1513
but I cannot understand to which request it is related
Yet think I'm homing on the problem
every option in net ads (for example testjoin) gives positive answer. No
problem on join (the problem shall be in samba, not in samba/ad dialogue)
Every option in wbinfo gives positive results EXCEPT
wbinfo -U group id
which answers back
Could not convert uid 1513 to sid
and in log.winbindd I get
[2007/05/11 09:47:23, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[0]: request interface version
[2007/05/11 09:47:23, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[0]: request location of privileged pipe
[2007/05/11 09:47:23, 3] nsswitch/winbindd_sid.c:winbindd_uid_to_sid(280)
[0]: uid to sid 1513
and If i try to list a directory with files and subdirs beloging to a domain
group...
mail# /usr/home/gianlucaculot ls -al /usr/home
total 44
drwxr-xr-x 21 root wheel 512 May 7 12:30 .
drwxr-xr-x 20 root wheel 512 May 2 15:50 ..
drwx-- 3 1500 1513 512 May 6 19:02 administrator
in log.winbindd I see
[2007/05/11 09:45:22, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[0]: request interface version
[2007/05/11 09:45:22, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[0]: request location of privileged pipe
[2007/05/11 09:45:22, 3] nsswitch/winbindd_user.c:winbindd_endpwent(526)
[0]: endpwent
[2007/05/11 09:45:22, 3] nsswitch/winbindd_group.c:winbindd_endgrent(527)
[0]: endgrent
[2007/05/11 09:45:22, 3] nsswitch/winbindd_group.c:winbindd_getgrgid(430)
[0]: getgrgid 1513
Even if I read NO ERROR.. the two logs are too much similar, so I suppose
getgrgid is failing in mapping id 1513 to the group sid, which makes me
think I got a mess in tdb samba databases.
AND
mail# /usr/home/gianlucaculot perl -e '@group = getgrnam(DMSWARE\\domain
users); print @group\n;'
domain users x 1513 risrobot administrator
mail# /usr/home/gianlucaculot perl -e '@group = getgrgid(1513); print
@group\n;'
so 1513 CANNOT BE resolved as Domain Users
1) should I delete TDBs database and make samba rebuild them. If yes. how
can I do it correctly ?
2) Should I create a groups 1513 in /etc/group ? I've already mapped Domain
Users to users
mail# /usr/home/gianlucaculot net groupmap list
Domain Users (S-1-5-21-3999584804-2945907794-872237379-1001) - users
Administrators (S-1-5-32-544) - 1015
Users (S-1-5-32-545) - 1016
Yet I Still have two IDs which