Bug 12284 - winbind and active directory id mapping broken
winbind and active directory id mapping broken
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind
x64 Linux
: P5 critical
: ---
Assigned To: Samba QA Contact
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2016-09-21 14:23 UTC by heapifyman
Modified: 2016-10-13 17:27 UTC (History)
5 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description heapifyman 2016-09-21 14:23:53 UTC
After upgrading from version 4.4.5 to version 4.5.0 Active Directory integration is broken.

Downgrading to version 4.4.4 as suggested in https://bugs.archlinux.org/task/50787 does remedy the situation.

I can not login via graphical login any more and when logging in via the terminal, the prompt shows "[I have no name!@my-box]"

"id $username" does show all correct ids for all groups but cannot map ids to user and group names.
Also "ls -al" in my home dir only shows ids instead of user and group names as owner information.

As far as I can tell, the config files (krb5.conf, smb.conf, etc.) haven't changed and neither have the Active Directory settings.

In "/var/log/samba/log.winbindd-idmap" I see messages like this:
[2016/09/15 16:07:24.411226, 3] ../source3/winbindd/idmap_rid.c:146(idmap_rid_unixids_to_sids)
Unexpected error resolving an ID (16208)

Running "wbinfo -g" or "wbinfo -u" works as expected and shows all the correct group and user names.
So do "getent group" and "getent passwd"

Additional info:
* libwbclient 4.5.0-2
* I followed the Active Directory Integration manual from the Arch Linux wiki: https://wiki.archlinux.org/index.php/Active_Directory_Integration

Steps to reproduce:
1. Follow: https://wiki.archlinux.org/index.php/Active_Directory_Integration
2. Install latest updates up to 14th September, 2016
3. Try to login as Domain user

See also: https://bugs.archlinux.org/task/50787
Comment 1 heapifyman 2016-10-06 16:18:38 UTC
Correction: I downgraded to version 4.4.5 not 4.4.4 as the original description says.
Comment 2 Stefan Metzmacher 2016-10-06 16:26:51 UTC
(In reply to heapifyman from comment #1)

Would it be possible that you also check if the problem exists in
4.4.6, then the problem might be the patches from
Comment 3 heapifyman 2016-10-11 10:58:10 UTC
(In reply to Stefan Metzmacher from comment #2)

Hi, I tried version 4.4.6 and did not experience any issues. Works as good as 4.4.5.

Seems like the problem was introduced from 4.4.6 to 4.5.0 then.

see https://bugs.archlinux.org/task/50787#comment151609 for what I did.