Bug 9715 - id command is unable to list the trusted domain local groups.
id command is unable to list the trusted domain local groups.
Status: RESOLVED DUPLICATE of bug 10835
Product: Samba 3.6
Classification: Unclassified
Component: Winbind
3.6.12
All All
: P5 normal
: ---
Assigned To: Timur Bakeyev
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-03-13 12:48 UTC by Hemanth
Modified: 2015-02-22 18:39 UTC (History)
3 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hemanth 2013-03-13 12:48:35 UTC
This is the same issue mentioned in bug 9052. I have tried the same test case
with samba3.6.12 patched server. And here is the behavior..

setup and configuration:

EAST.USA.MYDOM.COM: 

created a User: Hemanth

WEST.USA.MYDOM.COM: 
created a Domain local group: east_users (made user Hemanth as part of this)
Made samba server joined to WEST domain.

# wbinfo -a=EAST_USA_MD\\hemanth%password
plaintext password authentication succeeded
challenge/response password authentication succeeded

# id EAST_USA_MD\\hemanth
uid=1792541994(EAST_USA_MD\hemanth) gid=1792541185(EAST_USA_MD\domain users)
groups=1792541185(EAST_USA_MD\domain users)

Here it did not list the domain local group east_users. 

But bug 9052 says this is fixed as part of 3.6.6.
Comment 1 Richard Sharpe 2013-03-14 21:42:54 UTC
This is a FreeBSD-only bug.

Timur has a fix for this at: http://samba.org.ru/ports/patch-nsswitch__winbind_nss_freebsd.c

We will have verified it in a day or two.
Comment 2 Richard Sharpe 2013-03-14 21:43:43 UTC
Hmmm, there might be license issues, since Timur copied stuff from FreeBSD's libc.

Will need clarifications on that.
Comment 3 Jeremy Allison 2013-03-14 21:50:18 UTC
Shouldn't be an issue if it's a normal 3-clause BSD license.

Jeremy.
Comment 4 Matthew Trent 2013-06-11 21:01:59 UTC
Just bumped up against this bug today testing FreeNAS 9.1 (nightly). Samba version 3.6.13. Took me a while to figure out why my domain local group based permissions weren't working as expected. Switched to a global group and it works fine. "id username" omits the domain local group.

Any updates on a fix?
Comment 5 Björn Jacke 2014-07-23 22:03:40 UTC
Timur: can you shed some light on what the problem here is on FreeBSD and do you have the mentioned patch around?
Comment 6 Björn Jacke 2015-02-22 18:39:55 UTC

*** This bug has been marked as a duplicate of bug 10835 ***