Bug 5772 - uid xxx does not exist in the passwd file!
uid xxx does not exist in the passwd file!
Status: RESOLVED DUPLICATE of bug 3661
Product: Samba 3.0
Classification: Unclassified
Component: winbind
x86 Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2008-09-18 06:24 UTC by Christina Jagodics (550 #5.1.0 Address rejected)
Modified: 2008-09-18 07:49 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Christina Jagodics (550 #5.1.0 Address rejected) 2008-09-18 06:24:42 UTC
thought we managed to solve our problem about listing users from trusted domains using 'getent passwd' as described in bug 3661. 

But then after some testing we've encountered another problem which - we believe - is directly related to bug 3661:

  after joining our host to the primary domain (win2k8) and getting our domain-users from both domains (the one we're directly joined to as well as the trusted domain), we can now log-in locally as one of our domain-users. They can also be given sudoers'-rights.

  So here's our problem: when logging in as a domain-user from the domain we're 
  directly joined to everything works fine.
  When trying to execute a 'sudo'-command after about 10 minutes of idle time 
  the system asks for the user's password for re-authentication.
  But when we try to use a domain-user from the trusted domain, about 10 minutes 
  after having logged-in the system just seems to have lost the identity of our 
  When trying to execute any 'sudo'-command we only get the following error 
    "uid xyz does not exist in the passwd file!"

Taking a look at log.wb-DOMAIN and log.wb-TRUSTEDDOMAIN shows that while log.wb-DOMAIN has regular domain-queries every five minutes, log.wb-TRUSTEDDOMAIN only shows manual query-entries. 

log.wb-DOMAIN: (triggered every five minutes)
[2008/09/18 13:16:01, 4] nsswitch/winbindd_dual.c:fork_domain_child(1080)
  child daemon request 19
[2008/09/18 13:16:01, 3] nsswitch/winbindd_misc.c:winbindd_dual_list_trusted_dom
  [ 2558]: list trusted domains
[2008/09/18 13:16:01, 3] nsswitch/winbindd_ads.c:sequence_number(1010)
  ads: fetch sequence_number for WIN2K8
[2008/09/18 13:16:01, 5] libads/ldap_utils.c:ads_do_search_retry_internal(64)
  Search for (objectclass=*) in <> gave 1 replies

So, my guess is that there has to be a loop somewhere that triggers these queries but it only includes the primary domain.
Can anyone help me find the crucial places within the source code so that I can try to find a solution?  

Christina Jagodics
Comment 1 Gerald (Jerry) Carter 2008-09-18 07:49:51 UTC
A number of people have reported problems with that patch.   So this bug report
is really about issues with that private patch.  I'm working on a new version for
upstream so am closing this on as a dup of BUG 3661.  Until we have a fix that
is agreed to push upstream, it doesn't make sense to to attempt to debug this.
Hang tight and I will try to hacve a solution for you soon.

*** This bug has been marked as a duplicate of 3661 ***