Bug 5726 - Cannot convert sid to gid on groups
Cannot convert sid to gid on groups
Status: RESOLVED INVALID
Product: Samba 3.0
Classification: Unclassified
Component: winbind
3.0.30
x64 Linux
: P3 critical
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-08-29 13:16 UTC by Duncan Fiander
Modified: 2008-09-10 01:14 UTC (History)
1 user (show)

See Also:


Attachments
Winbind debug (80.00 KB, application/octet-stream)
2008-09-04 12:10 UTC, Duncan Fiander
no flags Details
Samba Config (30.00 KB, application/octet-stream)
2008-09-04 12:10 UTC, Duncan Fiander
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Duncan Fiander 2008-08-29 13:16:00 UTC
We have a customer where on some groups they wish to use cannot convert the SID to GID. 

The command we are using is: 
#wbinfo -Y `wbinfo -D domain-name -n 'domain-user-group' | sed -n '$ p'`

Created backup '/var/lib/samba/winbindd_cache.tdb.bak' of tdb '/var/lib/samba/winbindd_cache.tdb'
[2008/08/22 14:09:01, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache(2237)
  initialize_winbindd_cache: clearing cache and re-creating with version number 1
[2008/08/22 14:12:19, 1] nsswitch/winbindd_sid.c:winbindd_sid_to_gid(312)
  Could not get convert sid Name from string

Are there any updates or workarounds.

Thanks
Duncan
Comment 1 Duncan Fiander 2008-09-04 12:10:28 UTC
Created attachment 3525 [details]
Winbind debug
Comment 2 Duncan Fiander 2008-09-04 12:10:47 UTC
Created attachment 3526 [details]
Samba Config
Comment 3 Duncan Fiander 2008-09-04 12:11:30 UTC
Additional information

Maritz Groups
mau001o_40028_Admin (sid to gid good)
MAU001o_40033_West_Coast
MAU001o_40034_New_Markets
MAU001o_40036_Nissan
MAU001o_40101_GMCSI
MAU001o_40137_Toyota (Cannot sid to gid)


MAU001NASARCP01:/etc/samba # net ads info
LDAP server: 10.30.14.25
LDAP server name: mau001dcus02.us.maritz.net
Realm: US.MARITZ.NET
Bind Path: dc=US,dc=MARITZ,dc=NET
LDAP port: 389
Server time: Thu, 04 Sep 2008 11:41:03 EDT
KDC server: 10.30.14.25
Server time offset: 0


MAU001NASARCP01:/etc/samba # wbinfo --domain-info US
Name              : US
Alt_Name          : us.maritz.net
SID               : S-1-5-21-1078081533-1647877149-839522115
Active Directory  : Yes
Native            : Yes
Primary           : Yes
Sequence          : 74580141
MAU001NASARCP01:/etc/samba #

MAU001NASARCP01:/etc/samba # wbinfo -m
MARITZ
MARITZ_CANADA
EXCHANGE
MARITZ01
MARITZ06
MARITZ02
UK
EMEA
US

MAU001NASARCP01:/etc/samba # wbinfo --sequence
EMEA : 23480479
UK : 16048062
MARITZ02 : DISCONNECTED
MARITZ06 : DISCONNECTED
MARITZ01 : DISCONNECTED
EXCHANGE : DISCONNECTED
MARITZ_CANADA : DISCONNECTED
MARITZ : 9164307
BUILTIN : 1220543137
MAU001NASARCP01 : 1220543137
US : 74580621



MAU001NASARCP01:/etc/samba # wbinfo -Y `wbinfo -D US -n 'mau001o_40028_Admin' | sed -n '$ p'`
1053895

MAU001NASARCP01:/etc/samba # wbinfo -Y `wbinfo -D US -n 'mau001o_40137_toyota' | sed -n '$ p'`
Could not convert sid S-1-5-21-1078081533-1647877149-839522115-2987367 to gid

MAU001NASARCP01:/etc/samba # wbinfo -Y `wbinfo -n 'US\mau001o_40028_Admin' | sed -n '$ p'`
1053895

MAU001NASARCP01:/etc/samba # wbinfo -Y `wbinfo -n 'US\mau001o_40137_toyota' | sed -n '$ p'`
Could not convert sid S-1-5-21-1078081533-1647877149-839522115-2987367 to gid
MAU001NASARCP01:/etc/samba #


MAU001NASARCP01:/etc/samba # wbinfo -n 'mau001o_40137_toyota'
S-1-5-21-1078081533-1647877149-839522115-2987367 Domain Group (2)
MAU001NASARCP01:/etc/samba # wbinfo -n 'US\mau001o_40137_toyota'
S-1-5-21-1078081533-1647877149-839522115-2987367 Domain Group (2)
MAU001NASARCP01:/etc/samba # wbinfo -D US -n 'mau001o_40137_toyota'
Name              : US
Alt_Name          : us.maritz.net
SID               : S-1-5-21-1078081533-1647877149-839522115
Active Directory  : Yes
Native            : Yes
Primary           : Yes
Sequence          : 74580621
S-1-5-21-1078081533-1647877149-839522115-2987367 Domain Group (2)
MAU001NASARCP01:/etc/samba #

idmap domains =  \
        US \
        MARITZ


log level = 3 winbind:10
Comment 4 Karolin Seeger 2008-09-10 01:14:36 UTC
The calculated gid was out of range.
Closing out bug report.