Winbindd is having trouble finding the Domain Admins group in my domain. It appears to be searching for the group but does not show what domain it's looking into - then it tries the local PC (ANC-Gentoo):
log.winbind: [2004/01/07 13:20:43, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(237) [23792]: getgrnam Domain Admins [2004/01/07 13:20:43, 5] nsswitch/winbindd_acct.c:wb_getgrnam(522) wb_getgrnam: Did not find group (Domain Admins) [2004/01/07 13:20:43, 5] nsswitch/winbindd_group.c:winbindd_getgrnam(254) winbindd_getgrnam: lookup for ANC-GENTOO\Domain Admins failed [2004/01/07 13:21:24, 5] nsswitch/winbindd.c:winbind_client_read(465) read failed on sock 18, pid 23792: EOF getent works: $ getent group | grep "Domain Admins" LABOR\Domain Admins:x:10003:LABOR\tim,... wbinfo works: $ wbinfo -g | grep "Domain Admins" LABOR\Domain Admins [EMAIL PROTECTED] var # net groupmap list Domain Users (S-1-5-21-3791546257-2726071710-148796437-513) -> 10442 Domain Admins (S-1-5-21-3791546257-2726071710-148796437-512) -> root Domain Guests (S-1-5-21-3791546257-2726071710-148796437-514) -> nobody Winbind finds my domain account just fine: [2004/01/07 13:20:43, 3] nsswitch/winbindd_misc.c:winbindd_domain_info(219) [23792]: domain_info [LABOR.AK] [2004/01/07 13:20:43, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(113) [23792]: getpwnam labor\tim [2004/01/07 13:20:43, 3] nsswitch/winbindd_ads.c:name_to_sid(313) ads: name_to_sid [2004/01/07 13:20:43, 5] libads/ldap_utils.c:ads_do_search_retry(56) Search for (|(sAMAccountName=tim)([EMAIL PROTECTED])) gave 1 replies [2004/01/07 13:20:43, 3] libads/ads_ldap.c:ads_name_to_sid(82) ads name_to_sid mapped tim [2004/01/07 13:20:43, 3] nsswitch/winbindd_group.c:winbindd_getgroups(932) [23792]: getgroups LABOR\tim [2004/01/07 13:20:43, 3] nsswitch/winbindd_ads.c:name_to_sid(313) ads: name_to_sid [2004/01/07 13:20:43, 5] libads/ldap_utils.c:ads_do_search_retry(56) Search for (|(sAMAccountName=tim)([EMAIL PROTECTED])) gave 1 replies [2004/01/07 13:20:43, 3] libads/ads_ldap.c:ads_name_to_sid(82) ads name_to_sid mapped tim I understand Andrew Bartlett is aware of the following problem, but I'm not sure how that is going to affect file sharing from my Samba server acting as a Domain Memeber via security=ADS. 2004/01/07 13:20:43, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(113) [23792]: getpwnam LABOR\windowsxp$ [2004/01/07 13:20:43, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(148) user 'windowsxp$' does not exist [2004/01/07 13:20:43, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(113) [23792]: getpwnam windowsxp$ [2004/01/07 13:20:43, 5] nsswitch/winbindd_acct.c:wb_getpwnam(393) wb_getpwnam: Did not find user (windowsxp$) [2004/01/07 13:20:43, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(125) winbindd_getpwnam: lookup for ANC-GENTOO\windowsxp$ failed [2004/01/07 13:20:43, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(113) [23792]: getpwnam windowsxp$ [2004/01/07 13:20:43, 5] nsswitch/winbindd_acct.c:wb_getpwnam(393) wb_getpwnam: Did not find user (windowsxp$) [2004/01/07 13:20:43, 5] nsswitch/winbindd_user.c:winbindd_getpwnam(125) winbindd_getpwnam: lookup for ANC-GENTOO\windowsxp$ failed -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
