It is the dreaded ship active directory astern... and I'm at wits end...
In the picture is a "wbinfo -u" that works fine, a "wbinfo -g" that works fine, "getent group" works fine but "getent passwd" does not.
All of these pass:
This does not work:
Steps I've tried:
* from the GUI:
- rebuild database
- enable/disable active directory/smb
* From the CLI:
- manually emptying /var/tmp/.cache/.samba/
Turning up debugging, log.winbindd shows this:
I suspect it is this "NT_STATUS_NO_SUCH_USER" that is part of the problem here.
Looking at the samba config:
... the ID ranges are wide enough to allow the UID and it is the same as another FreeNAS 9 host that is working fine.
In the picture is a "wbinfo -u" that works fine, a "wbinfo -g" that works fine, "getent group" works fine but "getent passwd" does not.
All of these pass:
Code:
$ wbinfo -u | wc -l 56 $ wbinfo -g | wc -l 71 $ wbinfo -t checking the trust secret for domain AD via RPC calls succeeded $ wbinfo --ping-dc checking the NETLOGON for domain[AD] dc connection to "adserver.local" succeeded $ net cache list | egrep '^Key:.*2045' | wc -l 2 $ wbinfo --sid-to-uid S-1-5-21-2700000000-1860000000-2950000000-2000 2045 $ wbinfo --uid-to-sid 2045 S-1-5-21-2700000000-1860000000-2950000000-2000 $ wbinfo -u | grep 'AD\user' | wc -l 1 $ wbinfo -s S-1-5-21-2700000000-1860000000-2950000000-2000 AD\user 1 $ wbinfo --gid-info 9000 AD\group:x:9000:
This does not work:
Code:
$ wbinfo -i 'AD\user' failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND Could not get info for user AD\user $ wbinfo --uid-info 2000 failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND Could not get info for uid 2000
Steps I've tried:
* from the GUI:
- rebuild database
- enable/disable active directory/smb
* From the CLI:
Code:
# service samba_server stop # net cache flush # service ix-pre-samba start # service samba_server start
- manually emptying /var/tmp/.cache/.samba/
Turning up debugging, log.winbindd shows this:
Code:
... [2018/02/08 16:30:57.974986, 1, pid=46603, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:468(ndr_print_function_debug) wbint_LookupSid: struct wbint_LookupSid in: struct wbint_LookupSid sid : * sid : S-1-5-21-2700000000-1860000000-2950000000-2000 [2018/02/08 16:30:57.975051, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Schedule immediate event "tevent_req_trigger": 0x811ebd160 [2018/02/08 16:30:57.975076, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Run immediate event "tevent_req_trigger": 0x811ebd160 [2018/02/08 16:30:57.975103, 1, pid=46603, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:468(ndr_print_function_debug) wbint_LookupSid: struct wbint_LookupSid out: struct wbint_LookupSid type : * type : SID_NAME_USER (1) domain : * domain : * domain : 'AD' name : * name : * name : 'user' result : NT_STATUS_OK [2018/02/08 16:30:57.975220, 1, pid=46603, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:468(ndr_print_function_debug) wbint_GetNssInfo: struct wbint_GetNssInfo in: struct wbint_GetNssInfo info : * info: struct wbint_userinfo domain_name : * domain_name : 'AD' acct_name : * acct_name : 'user' full_name : NULL homedir : * homedir : '/home/%D/%U' shell : * shell : '/bin/sh' uid : 0x00000000000007f5 (2037) primary_gid : 0x00000000ffffffff (4294967295) primary_group_name : NULL user_sid : S-1-5-21-2700000000-1860000000-2950000000-2000 group_sid : S-1-5-21-2700000000-1860000000-2950000000-513 [2018/02/08 16:30:57.975407, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Schedule immediate event "tevent_queue_immediate_trigger": 0x811e4df60 [2018/02/08 16:30:57.975431, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Run immediate event "tevent_queue_immediate_trigger": 0x811e4df60 [2018/02/08 16:30:57.975456, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Added timed event "tevent_req_timedout": 0x811e4e620 [2018/02/08 16:30:57.976044, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Destroying timer event 0x811e4e620 "tevent_req_timedout" [2018/02/08 16:30:57.976083, 1, pid=46603, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:468(ndr_print_function_debug) wbint_GetNssInfo: struct wbint_GetNssInfo out: struct wbint_GetNssInfo info : * info: struct wbint_userinfo domain_name : * domain_name : 'AD' acct_name : * acct_name : 'user' full_name : NULL homedir : * homedir : '/home/%D/%U' shell : * shell : '/bin/sh' uid : 0x00000000000007f5 (2037) primary_gid : 0x00000000ffffffff (4294967295) primary_group_name : NULL user_sid : S-1-5-21-2700000000-1860000000-2950000000-2000 group_sid : S-1-5-21-2700000000-1860000000-2950000000-513 result : NT_STATUS_OK [2018/02/08 16:30:57.976291, 10, pid=46603, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/wb_sids2xids.c:113(wb_sids2xids_send) SID 0: S-1-5-21-2700000000-1860000000-2950000000-513 [2018/02/08 16:30:57.976323, 10, pid=46603, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-2700000000-1860000000-2950000000-513]: value=[-1:N] [2018/02/08 16:30:57.976344, 10, pid=46603, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-2700000000-1860000000-2950000000-513]: id=[4294967295], endptr=[:N] [2018/02/08 16:30:57.976365, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Schedule immediate event "tevent_req_trigger": 0x811ef3160 [2018/02/08 16:30:57.976388, 50, pid=46603, effective(0, 0), real(0, 0), class=tevent] ../lib/util/tevent_debug.c:66(samba_tevent_debug) samba_tevent: Run immediate event "tevent_req_trigger": 0x811ef3160 [2018/02/08 16:30:57.976412, 5, pid=46603, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_getpwuid.c:111(winbindd_getpwuid_recv) Could not convert sid S-1-5-21-2700000000-1860000000-2950000000-2000: NT_STATUS_NO_SUCH_USER [2018/02/08 16:30:57.976437, 10, pid=46603, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd.c:797(wb_request_done) wb_request_done[47514:GETPWUID]: NT_STATUS_NO_SUCH_USER
I suspect it is this "NT_STATUS_NO_SUCH_USER" that is part of the problem here.
Looking at the samba config:
Code:
# grep idmap /usr/local/etc/smb4.conf idmap config *: backend = tdb idmap config *: range = 90000001-100000000 idmap config AD: backend = ad idmap config AD: range = 1000-90000000 idmap config AD: schema mode = rfc2307
... the ID ranges are wide enough to allow the UID and it is the same as another FreeNAS 9 host that is working fine.
Last edited: