Btw, I have read just about all of the help and conf files on this issue. The nscd is NOT running.
From the docs:

Same problem as the one above. Your system is likely running nscd, the name
service caching daemon. Shut it down, do not restart it! You will find your
problem resolved.

My config looks like this:

[global]
workgroup = CORP
server string = Linman
printcap name = /etc/printcap
load printers = yes
cups options = raw
password Server = hqdc1.corp.ciosystems.com
encrypt passwords = yes
wins server = hqdc1.corp.ciosystems.com
dns proxy = no
winbind separator = +
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
winbind use default domain = yes
password server = hqdc1.corp.ciosystems.com
realm = CORP.CIOSYSTEMS.COM

[homes]
comment = Home Directories
browseable = yes
writable = yes

Nsswitch.conf:

passwd: files winbind
shadow: files winbind
group: files winbind
#hosts: db files nisplus nis dns
hosts: files wins dnsprotocols: files winbind
services: files winbind
netgroup: files winbind
automount: files winbind

Hosts:

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
10.200.200.15 linman.corp.ciosystems.com linman
10.200.200.1 hqdc1.corp.ciosystems.com hqdc1

cat /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account required /lib/security/$ISA/pam_permit.so
account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_winbind.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_mkhomedir.so

cat /etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session optional pam_console.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
# pam_selinux.so open should be the last session rule
session required pam_selinux.so multiple open

cat /etc/pam.d/gdm
#%PAM-1.0
auth required pam_env.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so
# Added to the above default
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of john
> Sent: Friday, May 06, 2005 11:50 AM
> To: [email protected]
> Subject: [Samba] Winbind issues with UID and GID mappings
>
> I am having issues integrating a FC3 system with AD running on W2k3. I can
> not figure out why the user ID mappings and Group ID mappings are going
> stale. This is a generic FC3 install with all of the latest updates.
>
> login as: jgallagh
> Sent username "jgallagh"
> [EMAIL PROTECTED]'s password:
> Last login: Fri May 6 08:14:23 2005 from 192.168.168.2
> id: cannot find name for group ID 16777216
> [EMAIL PROTECTED] ~]$ whoami
> jgallagh
> [EMAIL PROTECTED] ~]$ whoami
> jgallagh
> [EMAIL PROTECTED] ~]$ ssh [EMAIL PROTECTED]
> You don't exist, go away!
> [EMAIL PROTECTED] ~]$ ssh [EMAIL PROTECTED]
> You don't exist, go away!
> [EMAIL PROTECTED] ~]$ whoami
> whoami: cannot find username for UID 16777221
> [EMAIL PROTECTED] ~]$
>
> This is the log from this morning, I could not log into the system until I
> ran both the getent passwd and getent group commands. Then all worked fine,
> however this will only last maybe 5 minutes. Even when logged into the
> system after 5 minutes, I run whoami the system complains that it does not
> know who I am and it always complains that it does not have the mappings
> for the group ID. I believe this is a winbind error....
>
> login as: root
> Sent username "root"
> [EMAIL PROTECTED]'s password:
> Last login: Thu May 5 22:55:44 2005 from 192.168.168.2
> [EMAIL PROTECTED] ~]# ls -al /home/CORP/
> total 60
> drwxrwxrwx 5 root root 4096 May 5 23:19 .
> drwxr-xr-x 4 root root 4096 May 5 08:18 ..
> drwxr-xr-x 3 bill 16777216 4096 May 5 22:16 bill
> -rw-r--r-- 1 root root 4256 May 5 23:27 foo
> -rw-r--r-- 1 root root 2800 May 5 23:26 foo2
> drwxr-xr-x 3 jgallagh 16777216 4096 May 5 23:18 jgallagh
> drwxr-xr-x 12 mgill 16777216 4096 May 5 15:50 mgill
> [EMAIL PROTECTED] ~]# tail -f /var/log/messages
>
> May 6 11:35:51 linman sshd[4472]: Invalid user jgallagh from ::ffff:192.168.168.2
> May 6 11:35:57 linman sshd[4472]: Failed password for invalid user jgallagh from ::ffff:192.168.168.2 port 2235
> May 6 11:36:19 linman sshd[4475]: Accepted password for root from ::ffff:192.168.168.2 port 2236
> May 6 11:36:48 linman sshd[4472]: Failed password for invalid user jgallagh from ::ffff:192.168.168.2 port 2235
> May 6 11:36:54 linman sshd[4472]: Failed password for invalid user jgallagh from ::ffff:192.168.168.2 port 2235
>
> [EMAIL PROTECTED] ~]# getent group
> root:x:0:root
> bin:x:1:root,bin,daemon
> daemon:x:2:root,bin,daemon
> sys:x:3:root,bin,adm
> adm:x:4:root,adm,daemon
> tty:x:5:
> disk:x:6:root
> lp:x:7:daemon,lp
> mem:x:8:
> kmem:x:9:
> wheel:x:10:root
> mail:x:12:mail
> news:x:13:news
> uucp:x:14:uucp
> man:x:15:
> games:x:20:
> gopher:x:30:
> dip:x:40:
> ftp:x:50:
> lock:x:54:
> nobody:x:99:
> users:x:100:
> dbus:x:81:
> floppy:x:19:
> vcsa:x:69:
> nscd:x:28:
> rpm:x:37:
> haldaemon:x:68:
> utmp:x:22:
> netdump:x:34:
> slocate:x:21:
> sshd:x:74:
> rpc:x:32:
> rpcuser:x:29:
> nfsnobody:x:65534:
> mailnull:x:47:
> smmsp:x:51:
> pcap:x:77:
> xfs:x:43:
> ntp:x:38:
> gdm:x:42:
> jgallagher:x:500:
> HelpServicesGroup:x:16777220:SUPPORT_388945a0
> TelnetClients:x:16777221:
> Domain Computers:x:16777219:
> Domain Controllers:x:16777218:
> Schema Admins:x:16777222:Administrator
> Enterprise Admins:x:16777223:Administrator
> Cert Publishers:x:16777224:
> Domain Admins:x:16777225:Administrator
> Domain Users:x:16777216:
> Domain Guests:x:16777217:
> Group Policy Creator Owners:x:16777226:Administrator
> RAS and IAS Servers:x:16777227:HQDC1$
> DnsAdmins:x:16777228:
> DnsUpdateProxy:x:16777229:
> DHCP Users:x:16777230:
> DHCP Administrators:x:16777231:
> BUILTIN+System Operators:x:16777232:
> BUILTIN+Replicators:x:16777233:
> BUILTIN+Guests:x:16777234:
> BUILTIN+Power Users:x:16777235:
> BUILTIN+Print Operators:x:16777236:
> BUILTIN+Administrators:x:16777237:
> BUILTIN+Account Operators:x:16777238:
> BUILTIN+Backup Operators:x:16777239:
> BUILTIN+Users:x:16777240:
> [EMAIL PROTECTED] ~]# getent passwd
> root:x:0:0:root:/root:/bin/bash
> bin:x:1:1:bin:/bin:/sbin/nologin
> daemon:x:2:2:daemon:/sbin:/sbin/nologin
> adm:x:3:4:adm:/var/adm:/sbin/nologin
> lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
> sync:x:5:0:sync:/sbin:/bin/sync
> shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
> halt:x:7:0:halt:/sbin:/sbin/halt
> mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
> news:x:9:13:news:/etc/news:
> uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
> operator:x:11:0:operator:/root:/sbin/nologin
> games:x:12:100:games:/usr/games:/sbin/nologin
> gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
> ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
> nobody:x:99:99:Nobody:/:/sbin/nologin
> dbus:x:81:81:System message bus:/:/sbin/nologin
> vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
> nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
> rpm:x:37:37::/var/lib/rpm:/sbin/nologin
> haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
> netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
> sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
> rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
> rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
> nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
> mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
> smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
> pcap:x:77:77::/var/arpwatch:/sbin/nologin
> xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
> ntp:x:38:38::/etc/ntp:/sbin/nologin
> gdm:x:42:42::/var/gdm:/sbin/nologin
> jgallagher:x:500:500:John Gallagher:/home/jgallagher:/bin/bash
> administrator:*:16777216:16777216:Administrator:/home/CORP/administrator:/bin/bash
> guest:*:16777217:16777217:Guest:/home/CORP/guest:/bin/bash
> support_388945a0:*:16777218:16777216:SUPPORT_388945a0:/home/CORP/support_388945a0:/bin/bash
> hqdc1$:*:16777219:16777218:HQDC1:/home/CORP/hqdc1_:/bin/bash
> krbtgt:*:16777220:16777216:krbtgt:/home/CORP/krbtgt:/bin/bash
> jgallagh:*:16777221:16777216:John E. Gallagher:/home/CORP/jgallagh:/bin/bash
> mgill:*:16777222:16777216:Mike Gill:/home/CORP/mgill:/bin/bash
> linman$:*:16777223:16777219:linman:/home/CORP/linman_:/bin/bash
> bill:*:16777224:16777216:Bill Tester:/home/CORP/bill:/bin/bash
>
> /var/log/secure
> May 6 11:37:12 linman sshd[4511]: Accepted password for jgallagh from ::ffff:192.168.168.2 port 2245
>
> /var/log/messages
>
> May 6 11:35:54 linman unix_chkpwd[4474]: check pass; user unknown
> May 6 11:35:54 linman sshd(pam_unix)[4472]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.168.2
> May 6 11:35:54 linman pam_winbind[4472]: request failed: Wrong Password, PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD
> May 6 11:35:54 linman pam_winbind[4472]: user `jgallagh' denied access (incorrect password or invalid membership)
> May 6 11:36:19 linman sshd(pam_unix)[4477]: session opened for user root by root(uid=0)
> May 6 11:36:45 linman pam_winbind[4472]: request failed: Wrong Password, PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD
> May 6 11:36:45 linman pam_winbind[4472]: user `jgallagh' denied access (incorrect password or invalid membership)
> May 6 11:36:51 linman pam_winbind[4472]: request failed: Wrong Password, PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD
> May 6 11:36:51 linman pam_winbind[4472]: user `jgallagh' denied access (incorrect password or invalid membership)
> May 6 11:36:55 linman sshd(pam_unix)[4472]: 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.168.2 user=jgallagh
> May 6 11:37:12 linman sshd(pam_unix)[4511]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.168.2 user=jgallagh
> May 6 11:37:12 linman pam_winbind[4511]: user 'jgallagh' granted access
> May 6 11:37:12 linman pam_winbind[4511]: user 'jgallagh' granted access
> May 6 11:37:12 linman sshd(pam_unix)[4513]: session opened for user jgallagh by (uid=0)
> [EMAIL PROTECTED] ~]#
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
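
Added example, not part of either message: in the quoted log, sshd[4472] reports "Invalid user jgallagh" before any password failure, which means the name did not resolve through nsswitch at that moment, and sshd will not accept any password for a name it could not resolve. This Python script groups sshd and pam_winbind lines by PID so that lookup failures are not counted as bad passwords; the function name and verdict labels are assumptions, and the sample lines are copied from the log above with the mail wrapping undone.

```python
import re

# Lines taken from the quoted log above with the mail wrapping undone.
SAMPLE = """\
May 6 11:35:51 linman sshd[4472]: Invalid user jgallagh from ::ffff:192.168.168.2
May 6 11:35:54 linman pam_winbind[4472]: request failed: Wrong Password, PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD
May 6 11:35:57 linman sshd[4472]: Failed password for invalid user jgallagh from ::ffff:192.168.168.2 port 2235
May 6 11:37:12 linman pam_winbind[4511]: user 'jgallagh' granted access
May 6 11:37:12 linman sshd[4511]: Accepted password for jgallagh from ::ffff:192.168.168.2 port 2245
"""

# syslog prefix: "Mon D HH:MM:SS host prog[pid]: message"
LINE = re.compile(r"^\w{3}\s+\d+\s+[\d:]+\s+\S+\s+([\w().-]+)\[(\d+)\]:\s+(.*)$")

# sshd messages that show the account name failed to resolve (getpwnam failed).
LOOKUP_FAILED = ("Invalid user ", "Failed password for invalid user ")


def classify(log_text):
    """Map each PID to 'nss-lookup-failed', 'bad-password' or 'ok'."""
    verdict = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        prog, pid, msg = m.groups()
        if prog == "sshd" and msg.startswith(LOOKUP_FAILED):
            # The name service lookup failed; this overrides any other verdict.
            verdict[pid] = "nss-lookup-failed"
        elif verdict.get(pid) == "nss-lookup-failed":
            # Password errors under this PID follow from the lookup failure.
            continue
        elif prog == "sshd" and msg.startswith("Accepted password for "):
            verdict[pid] = "ok"
        elif "NT_STATUS_WRONG_PASSWORD" in msg or msg.startswith("Failed password for "):
            verdict.setdefault(pid, "bad-password")
    return verdict


if __name__ == "__main__":
    for pid, result in classify(SAMPLE).items():
        print(pid, result)
```

A burst of "nss-lookup-failed" verdicts for a domain account that later logs in cleanly points at name resolution (winbind, nsswitch, caching) rather than at credentials.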
