From one of the users of the official Debian packages. This is confirmed in both 3.0.24 and 3.0.25a. I'll send a level 10 debug log for winbind as well I have a setup with a win 2003 server, and I'm using ADS. I have a few Debian boxes with samba on it, most of them are running sarge (so 3.0.14a-3sarge6). I don't have a problem with those running sarge. They don't share any uid or somthing, they all have config that looks like: idmap uid = 10000-20000 idmap gid = 10000-20000 winbind use default domain = yes winbind nested groups = yes winbind enum groups = yes winbind enum users = yes Recently I had to replace one of them and installed etch on it. It started with version 3.0.24-6etch1, and is now running 3.0.24-6etch4. All the versions have the same problem. What I notice is big delay in looking up usernames and groups. This is ussually in the order of several minutes. It could also be few seconds, but even that is long compare to the sarge versions which return that information directly. It then works for some time (5 minutes, until the cache expires?) and then needs to start over. Sometimes it also just fails. When looking it up, looking at the log file, it seems that getting the uid/gid isn't a problem, it getting the list of groups that's a problem. After it received lots of groups, it show the message: Failed to enumerate domain local groups "getent passwd" seems to keep working (as long as it doesn't need to get the list of groups again), "getent group" gets a delay. What I think is the problem is that the group it tried to look up has a space in it. After it showed the above message, looking up the name of the last group it tried to look up has a space in it. It's also not showing any other group with a space in it, like some of the builtin groups like "BUILTIN\system operators".
Created attachment 2752 [details] Level 10 debug log of a failed session