RE: [squid-users] NTLM + groups problem

From: Pieterjan Heyse <[email protected]>
Date: Thu, 26 Oct 2006 14:42:52 +0200


> > Yes, I got all my groups
> OK ... then we try this. wbinfo_group.pl only starts some
> wbinfo commands to get the group membership. Try this manualy:
>
> wbinfo -n GROUP

1-semmanuel:/home/hermes# wbinfo -n Test
S-1-5-21-1085031214-1644491937-1801674531-23433 Domain Group (2)

> wil print the SID of the given group. Take it for the next step:
>
> wbinfo -Y SID

1-semmanuel:/home/hermes# wbinfo -Y S-1-5-21-1085031214-1644491937-1801674531-23433
Could not convert sid S-1-5-21-1085031214-1644491937-1801674531-23433 to gid

>
> and you should get the GID.

So the sid to gid conversion doesn't work. I presume it's a samba problem? Very odd, when I run these commands on another debian server (sarge) with samba installed and configged, I get:

hermes@1-scooppal:~$ wbinfo -n Test
S-1-5-21-1085031214-1644491937-1801674531-23433 Domain Group (2)
hermes@1-scooppal:~$ wbinfo -Y S-1-5-21-1085031214-1644491937-1801674531-23433
15063

So it's working there....

But ... The samba version is different. The working server has 3.0.14 and the defunct server has 3.0.23c (from etch)

So I have one working server, one defunct server, but I really need 2 working servers :(

My nsswitch.conf starts with this:


passwd: compat winbind
group: compat winbind


Pieterjan
Received on Thu Oct 26 2006 - 06:42:35 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:05 MST