All wbinfo commands and "getent passwd" work fine, but we have a problem doing nss lookups via "getent group" between two Samba 3.0.5/LDAP PDC (with interdomain trust relationship). When we downgraded to Samba 3.0.2a, the problem was fixed. We tried with samba 3.0.4 and the problem persist. The problem looks like the #1561 bug reported in that list, but LDAP works fine. The error reported in log.winbind is: "could not lookup membership for group rid S-1-5-21-xxxx-xxxxx-xxxxx-513 n domain PROC (error: NT_STATUS_NO_SUCH_GROUP)". Configuratiom of Samba: # Global parameters [global] workgroup = PROC server string = %N Samba/LDAP Server passdb backend = ldapsam:ldap://127.0.0.1 log level = 4 winbind:10 log file = /var/log/samba/log.%m max log size = 1024 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No logon path = domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins server = xxx.xxx.xxx.xxx ldap suffix = dc=pmpa ldap machine suffix = ou=Computers,dc=procempa ldap user suffix = ou=People,dc=procempa ldap group suffix = ou=Groups,dc=procempa ldap idmap suffix = ou=IDMap ldap admin dn = cn=admin,dc=pmpa ldap ssl = no idmap backend = ldap:ldap://127.0.0.1 idmap uid = 40000-60000 idmap gid = 40000-60000
please retest against 3.0.6. Thanks.
Version 3.0.6 fix the problem.
Thanks for the feedback.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.