We have noticed that sometimes the winbind tdb file can get "messed up" sometimes you will loose a SID to group mapping or the other way around. Sometimes will we find 2 SIDs mapping to the same group. We're not really sure how often this happens, we only notice when an "ls -l" or a getfacl returns funny results We also had at least twice tdbs where tdbbackup could not backup due to duplicate keys. # /usr/local/samba/bin/tdbbackup winbindd_idmap.tdb Failed to insert into winbindd_idmap.tdb.bak.tmp failed to copy winbindd_idmap.tdb You can see it from getent: # getent group idpic idpic:x:1002: #getent group 1002 idpic:x:1002: # getent group "domain admins" domain admins:x:1002:administrator We use tdpdump and tdbedit to fix things up to what they should be. []# /usr/local/samba/bin/tdbdump winbindd_idmap | grep 1002 -B2 -A2 -- { key = "S-1-5-21-212947539-xxxx-1555891258-29939\00" data = "GID 1002\00" } -- { key = "S-1-5-21-212947539-xxxx-1555891258-512\00" data = "GID 1002\00" } -- { key = "GID 1002\00" data = "S-1-5-21-212947539-xxxx-1555891258-29939\00" } I have at least 2 tdb files where this has happened, however I don't want to post them to the internet. Here's an example of a failed mapping: # getent passwd swanner swanner:x:3504:1001:Swanner:/home/swanner:/bin/false # getent passwd 3504 (nothing...)
Sorry, but the 2.2 is not under development any longer. If you can reproduce this bug against the latest 3.0 release, please reopen this bug and change the version in the report. Thanks.
database cleanup