Bug 1396 - getent passwd (and getent groups?) and wbinfo -r problem
getent passwd (and getent groups?) and wbinfo -r problem
Product: Samba 3.0
Classification: Unclassified
Component: winbind
All Linux
: P3 critical
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2004-05-27 14:49 UTC by Jan VDS
Modified: 2005-08-24 10:15 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Jan VDS 2004-05-27 14:49:33 UTC
I'm running samba 3.0.4 on a Redhat Enterprise Linux 3 on a 2.4.21-9.0.3.EL 
kernel. I have joined my samba server to our AD domain.
Everything worked just fine until today. I used winbind authorization for 
squid, users which are allowed to surf are member of a group "websurfers". 
Some users still can surf, others however can not anymore. I checked this 
manually with wbinfo.
I searched for the mapped gid of websurfers and I got "10035". Although some 
users are member of the websurfers group the group 10035 is not listed when I 
do "wbinfo -r walter". Others that are member of the group have the group 
10035 listed when I do "wbinfo -r username".
When I do: "getent group | grep 10035"
I see the websurfers group with ALL users listed, the user walter included. 
However when I do "getent passwd" I get both local and AD users but among the 
AD users the user walter is NOT listed.

So to sum it up: 
* for some AD users "wbinfo -r username" does not list all groups
* some AD users are not listed with "getent passwd"
* maybe "getent group" does not list all groups? (impossible to tell since 
there are just too many groups to check this, my websurfer group is listed 
Comment 1 Jan VDS 2004-05-27 15:04:36 UTC
I did an additional test:
I created a new group, added the user 'walter' to it and a new testuser. I 
restart the winbind service and did "wbinfo -r walter" and "wbinfo -r 
For walter the new group is not listed, however for the testuser the newgroup 
is listed.
The user Walter is member of more than 30 groups and the testuser is only 
member of one group, maybe this has something to do with it?
Comment 2 Jan VDS 2004-05-27 15:13:21 UTC
I think this is a similar bug as bug #1242 and bug #1341
Comment 3 Gerald (Jerry) Carter 2005-02-17 08:35:06 UTC
please retest against 3.0.11 and reopen if the bug still exists.  Thanks.
Comment 4 Gerald (Jerry) Carter 2005-08-24 10:15:47 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.