There is a FreeBSD 8.1 system with Samba 3.5.6. It is a member of Active Directory domain (domain controllers are WinSrv2008R2 and WinSrv2008). wbinfo correctly provides user and group lists, as well as group membership information. It is possible to use domain user and group names in commands like chown and chgrp. However, the id command displays only the primary group for domain users. Furthermore, domain users are not able to access any files owned by their non-primary domain groups. For example, running $ id petert results in the following output: uid=10000(petert) gid=10009(domain users) groups=10009(domain users) There should be 10 more groups here. getent passwd and getent group does not show domain users and groups. There is also an error message "getgrent failed: NT_STATUS_NO_MORE_ENTRIES" in the log.winbind file: [2010/11/27 19:47:43.856773, 6] winbindd/winbindd.c:768(new_connection) accepted socket 29 [2010/11/27 19:47:43.856837, 3] winbindd/winbindd_getpwnam.c:55(winbindd_getpwnam_send) getpwnam petert [2010/11/27 19:47:43.856966, 6] winbindd/winbindd.c:816(winbind_client_request_read) closing socket 28, client exited [2010/11/27 19:47:43.859876, 3] winbindd/winbindd_getgrent.c:51(winbindd_getgrent_send) [69874]: getgrent [2010/11/27 19:47:43.859904, 5] winbindd/winbindd_getgrent.c:149(winbindd_getgrent_recv) getgrent failed: NT_STATUS_NO_MORE_ENTRIES [2010/11/27 19:47:43.860164, 3] winbindd/winbindd_getgrgid.c:50(winbindd_getgrgid_send) getgrgid 10009 [2010/11/27 19:47:43.872512, 3] winbindd/winbindd_getgrgid.c:50(winbindd_getgrgid_send) getgrgid 10009 [2010/11/27 19:47:43.872770, 6] winbindd/winbindd.c:816(winbind_client_request_read) closing socket 29, client exited
The system was verified to work properly with Samba 3.4.9.
This looks like a duplicate of Bug #8099. Can you please check if that patch works for you as well ?
... if not, please reopen. closing this for now.