Bug 13831 - Inconsistent output from wbinfo --sid-to-name depending on cache state
Inconsistent output from wbinfo --sid-to-name depending on cache state
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind
All All
: P5 normal
: ---
Assigned To: Christof Schmitt
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2019-03-11 23:33 UTC by Christof Schmitt
Modified: 2019-03-12 18:47 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Christof Schmitt 2019-03-11 23:33:52 UTC
wbinfo --sid-to-name returns different outputs, depending on what has
been queried and cached previously:

$ bin/wbinfo --name-to-sid="$REALM/$DC_USERNAME"
S-1-5-21-274866641-1785003985-1147516049-500 SID_USER (1)

$ bin/wbinfo --sid-to-name=S-1-5-21-274866641-1785003985-1147516049-500

$ bin/net cache -s $SERVERCONFFILE flush

$ bin/wbinfo --sid-to-name=S-1-5-21-274866641-1785003985-1147516049-500
ADDOMAIN/Administrator 1

Internall, winbindd issues a LSA lookupnames call that takes the
realm.com\username as input (which is valid according to
LsarLookupNames4 (Opnum 77)). The lookupnames call also returns domain
information, including the short domain name. The problem here is that
winbindd fills the cache based on the input from wbinfo, instead of
the domain name queried from the domain controller.

Patches to follow.