LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Samba problem Getent differs from wbinfo (http://www.linuxquestions.org/questions/linux-networking-3/samba-problem-getent-differs-from-wbinfo-493615/)

baslemmens 10-18-2006 03:32 PM

Samba problem Getent differs from wbinfo
 
Hi guys,

I am having a problem with my samba AD 2003 server setup. When I create a new group in AD I can see it with wbinfo -g but getent group it does not show. Restarting winbind service or winbindd or samba service will not do the trick.....

Authenticating is working fine for the users known.

Any ideas where to look?

bas

baslemmens 10-19-2006 03:22 AM

more details from winbind commands
 
Maybe the posting was not clear yet.

By doing a wbinfo it is showing the group information I expect to see. On the domain controller I added the Managers group. It returns in the list below:

[root@rhel /]# wbinfo -g
BUILTIN+System Operators
BUILTIN+Replicators
BUILTIN+Guests
BUILTIN+Power Users
BUILTIN+Print Operators
BUILTIN+Administrators
BUILTIN+Account Operators
BUILTIN+Backup Operators
BUILTIN+Users
VOORMEDIA+Domain Admins
VOORMEDIA+Domain Users
VOORMEDIA+Domain Guests
VOORMEDIA+Domain Computers
VOORMEDIA+Domain Controllers
VOORMEDIA+Schema Admins
VOORMEDIA+Enterprise Admins
VOORMEDIA+Group Policy Creator Owners
VOORMEDIA+DnsUpdateProxy
VOORMEDIA+Managers
VOORMEDIA+Project members

Now I added the getent group details as you can see there are already domain groups in there, but the later added Managers group (and Project Members group as well):

[root@rhel /]# getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
dbus:x:81:
floppy:x:19:
vcsa:x:69:
rpm:x:37:
haldaemon:x:68:
utmp:x:22:
netdump:x:34:
nscd:x:28:
slocate:x:21:
sshd:x:74:
rpc:x:32:
rpcuser:x:29:
nfsnobody:x:4294967294:
mailnull:x:47:
smmsp:x:51:
pcap:x:77:
apache:x:48:
squid:x:23:
webalizer:x:67:
xfs:x:43:
ntp:x:38:
gdm:x:42:
pegasus:x:65:
blemmens:x:500:
rtimmermans:x:501:
mverkoijen:x:502:
bolminkhof:x:503:
jgoedhart:x:504:
gsmit:x:505:
admins:x:506:blemmens,mverkoijen
employees:x:507:blemmens,bolminkhof,gsmit,jgoedhart,mverkoijen,rtimmermans
managers:x:508:blemmens,mverkoijen
VOORMEDIA+Domain Admins:x:16777217:VOORMEDIA+Administrator
VOORMEDIA+Domain Users:x:16777216:VOORMEDIA+Administrator,VOORMEDIA+SUPPORT_388945a0,VOORMEDIA+krbtgt,VOORMEDIA+blemm ens,VOORMEDIA+rtimmermans,VOORMEDIA+henk,VOORMEDIA+mverkoijen
VOORMEDIA+Domain Guests:x:16777218:VOORMEDIA+Guest
VOORMEDIA+Domain Computers:x:16777219:VOORMEDIA+W2K3-INET$,VOORMEDIA+rhel$
VOORMEDIA+Domain Controllers:x:16777220:VOORMEDIA+W2K3-DC$
VOORMEDIA+Schema Admins:x:16777221:VOORMEDIA+Administrator
VOORMEDIA+Enterprise Admins:x:16777222:VOORMEDIA+Administrator
VOORMEDIA+Group Policy Creator Owners:x:16777223:VOORMEDIA+Administrator
VOORMEDIA+DnsUpdateProxy:x:16777224:
BUILTIN+System Operators:x:16777225:
BUILTIN+Replicators:x:16777226:
BUILTIN+Guests:x:16777227:
BUILTIN+Power Users:x:16777228:
BUILTIN+Print Operators:x:16777229:
BUILTIN+Administrators:x:16777230:
BUILTIN+Account Operators:x:16777231:
BUILTIN+Backup Operators:x:16777232:
BUILTIN+Users:x:16777233:

baslemmens 10-19-2006 03:45 AM

solution:
 
The range set in smc.conf was set to lower number than the gid's from the DC were changing the range to reach into 9 figure range solved the problem

bas


Oct 19 10:51:32 rhel winbindd[7315]: [2006/10/19 10:51:32, 0] sam/idmap_tdb.c:db_allocate_id(136)
Oct 19 10:51:32 rhel winbindd[7315]: idmap Fatal Error: GID range full!! (max: 200000)


All times are GMT -5. The time now is 02:50 PM.