After upgrading to 3.2.8, winbind on a domain member (tested with 3.0.30 and 3.2.8) stopped working. wbinfo -u doesn't show anything, wbinfo -g only shows BUILTIN groups. Looking up users with wbinfo -n works though. wbinfo -t and --own-domain also show the expected results. winbind on the PDC works fine. # wbinfo -n RK_KLBG\\abergolth S-1-5-21-181998944-1107627502-2274996074-3324 User (1) I've attached the debug-level 10 output both from the domain member and the PDC. Maybe this bug is connected to Bug 6112.
Created attachment 3985 [details] winbind debug level 10 log on the domain member
Created attachment 3986 [details] winbind debug level 10 log on the domain member
Created attachment 3987 [details] debug level 10 log on the PDC
I have the same problem: in my opinion bug sit in PDC not in domain member. I have two big instalations of samba: one domain member is 3.0.33 PDC 3.2.8 [root@see-you-later ~]# wbinfo --all-domains WSISIZ.EDU.PL [root@see-you-later ~]# wbinfo -u Error looking up domain users second one: domain member is 3.2.8 PDC 3.3.1 (but 3.2.8 tested too) [root@aero samba]# wbinfo -u [root@aero samba]# wbinfo --all-domains BUILTIN AERO IBSPAN.WAW.PL i think bug sit here: [2009/03/12 10:52:04, 4] rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(171) Found policy hnd[0] _samr_OpenDomain: access check ((granted: 0x00020010; required: 0x00000020) [2009/03/12 10:52:04, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(247) _samr_OpenDomain: ACCESS DENIED (granted: 0x00020010; required: 0x00000020) if winbind does not work authorization thru pam_winbind does not work too - in my case I lost authorization source for jabber server....
(In reply to comment #4) > I have the same problem: > in my opinion bug sit in PDC not in domain member. > I have two big instalations of samba: > second one: > domain member is 3.2.8 PDC 3.3.1 (but 3.2.8 tested too) 3.3.2 tested too on PDC and no luck... But it seems that BUG https://bugzilla.samba.org/show_bug.cgi?id=6112 it is the SAME problem!
(In reply to comment #3) > Created an attachment (id=3987) [details] > debug level 10 log on the PDC look here: https://bugzilla.samba.org/show_bug.cgi?id=6089
Absolutely right, there are many incarnations of this bug, and we hope to have it fixed in 3.2 and 3.3 branches. I see if I can merge all the bug duplicates. Thanks for the reminder! Guenther
FYI. I checked in the fix I added to 3.2.x to all current git branches. So if it's fixed in 3.2.11 then it'll be fixed in all subsequent 3.3.x releases (and the upcoming 3.4.0). Jeremy.
Closing out bug report. Please re-open if it's still an issue in Samba 3.2.11. Thanks for reporting!
still an issue. reopening.
*** This bug has been marked as a duplicate of bug 6112 ***