On Tue, Nov 16, 2010 at 10:19 AM, Shirish Pargaonkar <[email protected]> wrote: > On Sat, Nov 13, 2010 at 5:34 PM, Michael Wood <[email protected]> wrote: >> On 14 November 2010 01:16, Shirish Pargaonkar >> <[email protected]> wrote: >>> On Sat, Nov 13, 2010 at 4:52 PM, Michael Adam <[email protected]> wrote: >>>> Hi Shirish, >>>> >>>> Shirish Pargaonkar wrote: >>>>> On Mon, Nov 8, 2010 at 1:47 PM, Jeremy Allison <[email protected]> wrote: >>>>> > On Mon, Nov 08, 2010 at 01:21:30PM -0600, Shirish Pargaonkar wrote: >>>>> >> Sometimes a group sid does not get resolved to its name. >>>>> >> >>>>> >> Is this a settings problem? Looks like winbind deamon >>>>> >> went dormant for a while and then woke up? >>>>> >> I am using interface wbcLookupSid provided by the >>>>> >> library libwbclient.so for resolving sids to names. >>>>> >> >>>>> >> These are the winbind related parameters in >>>>> >> /etc/samba/smb.conf >>>>> > >>>>> > Not enough information for useful debugging. What >>>>> > do the winbindd logs say ? >>>>> > >>>>> >>>>> ps -eaf | grep winbind >>>>> root 20085 1 0 14:03 ? 00:00:00 /usr/sbin/winbindd -D >>>>> root 20086 20085 0 14:03 ? 00:00:00 /usr/sbin/winbindd -D >>>>> root 20089 20085 0 14:03 ? 00:00:00 /usr/sbin/winbindd -D >>>>> >>>>> Cleared /var/log/samba/winbindd.log just before issueing >>>>> command getcifsacl which could not resolve the group SID >>>>> >>>>> winbindd.log attached. >>>> >>>> not really. :-) >>>> >>>> Cheers - Michael >>> >>> Michael, not sure what is implied. The log is not sufficient? >> >> No, the mailing list (sometimes) strips attachments. There was no log >> file attached to your e-mail when I received it. >> >>> I see two error messages in the log. >>> >>> [2010/11/08 14:32:56, 5] winbindd/winbindd_async.c:lookupsid_recv2(138) >>> lookupsid (forest root) returned an error >>> [2010/11/08 14:32:56, 5] winbindd/winbindd_sid.c:lookupsid_recv(61) >>> lookupsid returned an error >> >> -- >> Michael Wood <[email protected]> >> > > Hope this attachment sticks. > > Regards, > > Shirish >
I see one more type error while using winbind, wbcSidToUid returns error 7 but wbcSidToGid succeeds. /tmp/getcifsacl /mnt/smb_d/Makefile REVISION:0x1 CONTROL:0x9404 OWNER:BUILTIN\Administrators GROUP:CIFSTESTDOM\Domain Users ACL:CIFSTESTDOM\Domain Users:DENIED/0x0/0x10000 ACL:CIFSTESTDOM\Administrator:ALLOWED/0x0/0x1700a1 ACL:BUILTIN\Performance Log Users:ALLOWED/0x0/CHANGE ACL:CIFSTESTDOM\stevef:ALLOWED/0x0/FULL # cat /var/log/messages cifs.upcall: Owner wbcStringToSid: S-1-5-32-544, rc: 0 cifs.upcall: Owner wbcSidToUid: S-1-5-32-544, uid: 0, rc: 7 cifs.upcall: Group wbcStringToSid: S-1-5-21-2849063682-2007077719-983662776-513, rc: 0 cifs.upcall: Group wbcSidToGid: S-1-5-21-2849063682-2007077719-983662776-513, gid: 10010, rc: 0 Error winbindd.log file is as follows: sid2uid_lookupsid_recv: Sid S-1-5-32-544 is not a user or a computer. I changed Owner of the file on the server to OWNER:CIFSTESTDOM\Domain Users but the same error during wbcSidToUid [2010/12/02 14:36:20, 5] winbindd/winbindd_sid.c:sid2uid_lookupsid_recv(192) sid2uid_lookupsid_recv: Sid S-1-5-21-2849063682-2007077719-983662776-513 is not a user or a computer. [[2010/12/02 14:36:20, 7] winbindd/winbindd_idmap.c:winbindd_sid2gid_async(363) winbindd_sid2gid_async: Resolving S-1-5-21-2849063682-2007077719-983662776-513 to a gid If I change Owner to OWNER:CIFSTESTDOM\Administrator, then it works /tmp/getcifsacl /mnt/smb_d/Makefile REVISION:0x1 CONTROL:0x9404 OWNER:CIFSTESTDOM\Administrator GROUP:CIFSTESTDOM\Domain Users ACL:CIFSTESTDOM\Domain Users:DENIED/0x0/0x10000 ACL:CIFSTESTDOM\Administrator:ALLOWED/0x0/0x1700a1 ACL:BUILTIN\Performance Log Users:ALLOWED/0x0/CHANGE ACL:CIFSTESTDOM\stevef:ALLOWED/0x0/FULL cifstest6:/usr/src/linux.ssp.cifs.09092010.l/cifs-2.6 # cat /var/log/messages cifs.upcall: Owner wbcStringToSid: S-1-5-21-2849063682-2007077719-983662776-500, rc: 0 cifs.upcall: Owner wbcSidToUid: S-1-5-21-2849063682-2007077719-983662776-500, uid: 10000, rc: 0 cifs.upcall: Group wbcStringToSid: S-1-5-21-2849063682-2007077719-983662776-513, rc: 0 cifs.upcall: Group wbcSidToGid: S-1-5-21-2849063682-2007077719-983662776-513, gid: 10010, rc: 0 Is this the expected behaviour, some sids can_not/will_not be mapped such as this Owner BUILTIN\Administrators. Regads, Shirish -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
