Bug 12111 - name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind
Version: 4.3.11
Hardware: x64 Linux
Importance: P5 normal
Target Milestone: ---
Assigned To: Samba QA Contact
QA Contact: Samba QA Contact
Reported: 2016-08-04 11:39 UTC by Mark Henderson
Modified: 2016-08-11 09:18 UTC (History)

Attachments
image taken from WinSCP showing the DOMAIN\hostname$ as a result of a failed name_to_sid check (54.04 KB, image/png)
2016-08-04 11:39 UTC, Mark Henderson

Description Mark Henderson 2016-08-04 11:39:22 UTC
Created attachment 12310
image taken from WinSCP showing the DOMAIN\hostname$ as a result of a failed name_to_sid check

Since updating to 4.3.11 from 4.2.9 we have started seeing name to SID failures. Not all users, but it spreads slowly, ~5 users per hour.

log.wb-TRERAIL (our domain) is filled with entries like this:
[2016/08/04 12:00:01.788900,  2] ../source3/winbindd/winbindd_rpc.c:328(rpc_name_to_sid)
  name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
[2016/08/04 12:01:01.810054,  2] ../source3/winbindd/winbindd_rpc.c:328(rpc_name_to_sid)
  name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
[2016/08/04 12:10:01.848945,  2] ../source3/winbindd/winbindd_rpc.c:328(rpc_name_to_sid)
  name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
[2016/08/04 12:20:01.879742,  2] ../source3/winbindd/winbindd_rpc.c:328(rpc_name_to_sid)
  name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED


The screenshot attached shows what starts to happen. It's a view from WinSCP: their home directories 'forget' who the owner is, as a name to SID cannot be resolved.

Running net cache flush clears all bar two names. We stopped all of Samba across our 5 DCs, deleted all *.tdb files inside of var/lib/samba on each (took copies first), ran net cache flush and then started them all again, but still there is this persistent problem.

Here is a copy of the smb.conf 

        workgroup = TRERAIL
        realm = trerail.co.uk
        netbios name = DC1
        server role = active directory domain controller
        dns forwarder = 8.8.8.8
        winbind enum users = yes
        winbind enum groups = yes
        log level = 0
        printcap name = /dev/null
        load printers = no
        disable spoolss = yes
        printing = bsd
        follow symlinks = Yes
        wide links = Yes
        unix extensions = no
        idmap_ldb:use rfc2307 = yes
        allow dns updates = nonsecure
        server services = -winbindd, +winbind
        ldap server require strong auth = no



[netlogon]
        path = /var/lib/samba/sysvol/trerail.co.uk/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

[TRERAIL]
        path = /home/TRERAIL/
        read only = no


A wbinfo lookup of the users affected shows that it's able to resolve their name>sid, sid>uid and so on. But it's just their home dirs that cannot complete the resolution.
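
Added example (not part of the original report and not Samba project code): a small parser for the winbindd log layout quoted in the description, which pairs each header line with its indented message and counts rpc_name_to_sid NT_STATUS_NONE_MAPPED failures per hour, so the rate of spread can be tracked after an upgrade. The function names parse_entries and failures_per_hour are hypothetical, and the sample log is constructed from the format shown above.

```python
import re
from collections import Counter
from datetime import datetime

# Samba debug header: "[YYYY/MM/DD HH:MM:SS.micro,  level] file:line(function)"
HEADER = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2})\.\d+,\s*(?P<level>\d+)\]\s+"
    r"(?P<file>\S+?):(?P<line>\d+)\((?P<func>\w+)\)\s*$"
)
STATUS = re.compile(r"\bNT_STATUS_[A-Z0-9_]+\b")

def parse_entries(text):
    """Yield (timestamp, function, message); indented lines continue the last header."""
    current = None
    for raw in text.splitlines():
        m = HEADER.match(raw)
        if m:
            if current:
                yield current[0], current[1], " ".join(current[2])
            ts = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
            current = (ts, m["func"], [])
        elif current and raw.startswith(" ") and raw.strip():
            current[2].append(raw.strip())
    if current:  # flush the final entry
        yield current[0], current[1], " ".join(current[2])

def failures_per_hour(text, func="rpc_name_to_sid", status="NT_STATUS_NONE_MAPPED"):
    """Count entries logged by `func` whose message carries `status`, bucketed by hour."""
    buckets = Counter()
    for ts, fn, msg in parse_entries(text):
        if fn == func and status in STATUS.findall(msg):
            buckets[ts.strftime("%Y-%m-%d %H:00")] += 1
    return dict(buckets)

# Constructed sample: the first two entries follow the report's excerpt; the last
# two are made up to exercise the function filter and a second hour bucket.
SAMPLE = """\
[2016/08/04 12:00:01.788900,  2] ../source3/winbindd/winbindd_rpc.c:328(rpc_name_to_sid)
  name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
[2016/08/04 12:01:01.810054,  2] ../source3/winbindd/winbindd_rpc.c:328(rpc_name_to_sid)
  name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
[2016/08/04 12:30:00.000000,  2] ../source3/winbindd/example.c:1(other_function)
  constructed unrelated message
[2016/08/04 13:05:00.000000,  2] ../source3/winbindd/winbindd_rpc.c:328(rpc_name_to_sid)
  name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
"""

if __name__ == "__main__":
    for hour, count in sorted(failures_per_hour(SAMPLE).items()):
        print(hour, count)
```

At the log level shown in the report, the entries do not include the name being looked up, so this counts failures rather than affected accounts.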
Comment 1 Mark Henderson 2016-08-11 09:16:45 UTC
We have just noticed that the TRERAIL\hostname$ doesn't match with who is logged in at that time. The hosts are 'random'. However, it might be the case that the user was logged into that platform at one time or another.
Comment 2 Mark Henderson 2016-08-11 09:18:03 UTC
(In reply to Mark Henderson from comment #1)
To be more specific, currently I see an entry of home directory john.smith and the owner is set to TRERAIL\hostname-of-different-computer$, so I wonder if there is some kind of retrospective lookup of the host.