winbind tools don't seem to agree on idmappings
This bug report was converted into a question: question #135584: winbind tools don't seem to agree on idmappings.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba (Ubuntu) |
Invalid
|
Low
|
Unassigned |
Bug Description
Binary package hint: samba
# lsb_release -rd
Description: Ubuntu 10.04.1 LTS
Release: 10.04
# uname -a
Linux kuat 2.6.32-24-server #39-Ubuntu SMP Wed Jul 28 06:21:40 UTC 2010 x86_64 GNU/Linux
# apt-cache policy samba
samba:
Installed: 2:3.4.7~
Candidate: 2:3.4.7~
Version table:
2:
500 http://
500 http://
*** 2:3.4.7~
100 /var/lib/
2:
500 http://
3.
500 http://
The following has got me a little worried. I noticed the XXXXX222 GID showing up after I recently deleted a couple keys using tdbtool, one of which was an SID linked to GID XXXXX218 which was causing permission issues because it was one of two SIDs pointing to the same GID (if it's any interest, the key I deleted was the SID for the windows BUILTIN\NETWORK group). Deleting the key seemed to resolve that issue. What follows is what I am seeing since that change. Note: I have replaced parts of the GIDs and SIDs with X's. Between the two GIDs in question the prefix is the same and they both link to the exact same SID. There is at least one other group I'm aware of that I am seeing this problem with as well. First of all I don't understand why I now have two GIDs pointing to the same SID. Secondly, I get varying responses from wbinfo, tdbtool, and net idmap dump - who do I trust?
wbinfo shows
# wbinfo --gid-info XXXXX218
DOMAIN\domain admins:x:XXXXX222
# wbinfo --gid-info XXXXX222
DOMAIN\domain admins:x:XXXXX222
# wbinfo -G XXXXX218
S-1-5-21-
# wbinfo -G XXXXX222
S-1-5-21-
# wbinfo -Y S-1-5-21-
XXXXX222
tdbtool shows
tdbtool /var/lib/
tdb> show GID\ XXXXX218\0
fetch failed
tdb> show GID\ XXXXX222\0
key 13 bytes
GID XXXXX222
data 46 bytes
S-1-5-21 -XXXXXXX
XXX-XXXX XXXXXX-X
XXXXXXXX X-512
idmap dump shows
net idmap dump /var/lib/
GID XXXXX218 S-1-5-21-
notice GID XXXXX222 does not show up here
number of files currently owned by this group/these GIDs
# ls -alRg /path/to/
41934
# ls -alnRg /path/to/
41933
# ls -alnRg /path/to/
1
Any thoughts/
description: | updated |
description: | updated |
Changed in samba (Ubuntu): | |
importance: | Undecided → Low |
Changed in samba (Ubuntu): | |
status: | New → Invalid |