Bug 1718 - WINBIND: Domain Users Revolve... Sometimes
WINBIND: Domain Users Revolve... Sometimes
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: winbind
3.0.6
x86 Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-09-03 14:26 UTC by Matt Siemens
Modified: 2005-08-24 10:18 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Siemens 2004-09-03 14:26:29 UTC
I've encountered an odd problem using samba/winbind.

We have a PDC running Samba 3.0.6 which contains a user account called
'msiemens'.  On my Linux notebook, I set up samba/winbind so that I can log into
my local system using domain user account 'msiemens'.  Running `wbinfo -t` and
`getent passwd` work 100% of the time.  I can log in as the user 'msiemens' most
of the time, however sometimes it doesn't work.

To better illustrate what is happening, here is a what I get from the `id
msiemens` command when run a few times in succession from my local machine:
 
(root@matts) /root> id msiemens
uid=20000(msiemens) gid=20000(msiemens)
groups=20000(msiemens),20003(Development),20005(Communications),20006(MIS),20010(Domain
Users),20026(visitor)
(root@matts) /root> id msiemens
id: msiemens: No such user
(root@matts) /root> id msiemens
uid=20000(msiemens) gid=20000(msiemens)
groups=20000(msiemens),20003(Development),20005(Communications),20006(MIS),20010(Domain
Users),20026(visitor)
(root@matts) /root> id msiemens
id: msiemens: No such user
(root@matts) /root> id msiemens
uid=20000(msiemens) gid=20000(msiemens)
groups=20000(msiemens),20003(Development),20005(Communications),20006(MIS),20010(Domain
Users),20026(visitor)
(root@matts) /root> id msiemens
id: msiemens: No such user
(root@matts) /root> id msiemens
id: msiemens: No such user

Sometimes the username is resolved, and sometimes it isn't.  If I log into my
local machine as 'msiemens' (when it lets me) and then just issue the `id`
command without a username (so it defaults to the current user), it works 100%
of the time.  As soon as I specify any remote domain user (`id domain_user`) I
get the same behaviour as above.  The Linux login command seems to behave the
same way for all domain users.

This behaviour seems to worsen if I set 'winbind cache time' in the smb.conf
file from 1 (current setting) to 300 (default setting).

My smb.conf file is as follows:
[global]
server string = Matt's Notebook
workgroup = SOMEDOMAIN
netbios name = MATTS
security = domain
password server = 10.40.1.2
encrypt passwords = yes
idmap uid = 20000-30000
idmap gid = 20000-30000
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
admin users = @"Domain Admins"
wins server = 192.168.5.3
winbind use default domain = yes
winbind cache time = 1
winbind enum users = yes
winbind enum groups = yes
disable spoolss = Yes
use sendfile = No
log file = /var/log/samba/%m.log
max log size = 1024
log level = 1 passdb:3 auth:3 winbind:3
template homedir = /home/%U
template shell = /bin/bash
Comment 1 Gerald (Jerry) Carter 2004-09-05 05:09:44 UTC
I'm pretty certain this is already fixed in preparation for 3.0.7.  
The patch is at 
http://samba.org/~jerry/patches/post-3.0.6/winbind_getpwnam_v1.patch
Comment 2 Gerald (Jerry) Carter 2005-08-24 10:18:59 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.