internal-use-only SIDs being mapped to GIDs on users

Bug #1719889 reported by Chris Weiss
This bug affects 1 person
Affects: samba (Ubuntu)
Status: Triaged
Importance: Low
Assigned to: Unassigned
Milestone:

Bug Description

Ubuntu server 16.04, samba/winbind package version 4.3.11+dfsg-0ubuntu0.16.04.11

When logging in via SSH as a domain user, the error "groups: cannot find name for group ID 2005" is displayed. Running "id $username" also shows this 2005 group with no name.

"wbinfo -G 2005" returns "S-1-18-1", no other lookups for 2005 or S-1-18-1 return anything.

MS documentation lists S-1-18-1 as AUTHENTICATION_AUTHORITY_ASSERTED_IDENTITY, which should not be exposed in the manner that it is here.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: winbind 2:4.3.11+dfsg-0ubuntu0.16.04.11
ProcVersionSignature: Ubuntu 4.4.0-31.50-generic 4.4.13
Uname: Linux 4.4.0-31-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.1-0ubuntu2.10
Architecture: amd64
Date: Wed Sep 27 08:25:47 2017
NmbdLog:

OtherFailedConnect: Yes
ProcEnviron:
 TERM=xterm-256color
 SHELL=/bin/bash
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 XDG_RUNTIME_DIR=<set>
SambaServerRegression: No
SmbConfIncluded: Yes
SmbLog:

SourcePackage: samba
UpgradeStatus: Upgraded to xenial on 2016-05-09 (505 days ago)
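
A way to triage the symptom described in the report above on an affected host, as an added example that is not part of the original report or of Samba: it lists the GIDs that `id` shows without a name, asks winbind for the SID behind each with `wbinfo -G` (the lookup used in the report), and flags SIDs under S-1-18. The function names, the `GID2SID` override and the output labels are assumptions of this example.

```shell
#!/bin/sh
# Added diagnostic example; not code from the bug report or from Samba.

# Print the GIDs that appear in an `id` output line without a "(name)".
# $1: one line of `id` output, e.g. "uid=... gid=... groups=10513(x),2005"
unnamed_gids() {
    printf '%s\n' "$1" |
        sed -e 's/.*groups=//' -e 's/ context=.*//' |
        tr ',' '\n' |
        grep -E '^[0-9]+$' || true   # no unnamed GIDs is not an error
}

# Label a SID. Only S-1-18-1 is named in the report; other S-1-18-* values
# are flagged because they sit under the same identifier authority.
classify_sid() {
    case "$1" in
        S-1-18-1)   echo "internal-use: AUTHENTICATION_AUTHORITY_ASSERTED_IDENTITY" ;;
        S-1-18-*)   echo "internal-use: same authority as S-1-18-1" ;;
        S-1-5-21-*) echo "domain SID" ;;
        "")         echo "unmapped" ;;
        *)          echo "other" ;;
    esac
}

# Default resolver: ask winbind which SID is mapped to the GID.
gid_to_sid_wbinfo() { wbinfo -G "$1" 2>/dev/null || true; }

# GID2SID names the resolver function (hypothetical hook, so the logic
# can be exercised on a machine without winbind).
GID2SID=${GID2SID:-gid_to_sid_wbinfo}

# For each unnamed GID in the `id` line, print "<gid> <sid|none> <label>".
report_unnamed() {
    for gid in $(unnamed_gids "$1"); do
        sid=$("$GID2SID" "$gid")
        printf '%s %s %s\n' "$gid" "${sid:-none}" "$(classify_sid "$sid")"
    done
}

# Live use: ./script.sh 'DOMAIN\username'
if [ "$#" -gt 0 ]; then
    report_unnamed "$(id "$1")"
fi
```

A line labelled `internal-use` means winbind has allocated a Unix GID to a SID that is not a real group, which is the condition this bug describes.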

Chris Weiss (cweiss) wrote :
Christian Ehrhardt  (paelzer) wrote :

Hi,
it seems there were similar issues discussed in bug 1307778
They got resolved groups with no GID in AD, but still ended up having the issue around S-1-18-1 that you reported.

Looking back at how the other issue was fixed, I really think you should try to recreate the issue on the latest version in Ubuntu (e.g. 4.7.6+dfsg~ubuntu-0ubuntu2 in Ubuntu Cosmic or even newer but not yet released 4.8.2 from https://launchpad.net/~ahasenack/+archive/ubuntu/samba-merge-4.8-1778125).

This is most unlikely a bug in Ubuntu, but rather in the upstream code.
Therefore, if reproducible there, report it upstream at https://bugzilla.samba.org/enter_bug.cgi and report back here the bug id so we can track and include the fix.

Andreas Hasenack (ahasenack) wrote :

Also check your group mapping, using "net groupmap list"

Changed in samba (Ubuntu):
status: New → Incomplete
Chris Weiss (cweiss) wrote :

net groupmap list only shows Administrators and Users.

the problem does not exist on 18.04.

I realize it's not a bug "in ubuntu", but in the version of samba that ubuntu 16.04 is using. From experience I can tell you that reporting it to samba is just going to result in them saying "compile your own newer samba version", which does nothing to get ubuntu's LTS samba package to not give this message.

Robie Basak (racb) wrote :

> the problem does not exist on 18.04.

OK, so I'll mark this bug as Triaged as I think it's clear what behaviour needs to change. I'm setting this as Importance: Low though, since I think this affects only unusual end-user configurations of Ubuntu. I don't expect the Ubuntu server team to work on this any time soon, but if you can provide a patch and help drive the QA required to get a fix into 16.04, we'd be happy to take it.

> ...which does nothing to get ubuntu's LTS samba package to not give this message.

In Ubuntu we can cherry-pick an upstream fix (or come up with our own fix) and apply it to 16.04. How practical this is depends on the exact fix.

If this bug previously existed upstream and has since been fixed in a newer upstream release, it would be helpful to find the upstream bug reference (if it exists) and the upstream VCS commit(s) that fix the problem.

If you can volunteer your help, please see https://wiki.ubuntu.com/StableReleaseUpdates#Procedure for details. The first step though is to figure out a patch that works for the samba package in Ubuntu 16.04, which can be done independent of Ubuntu processes.

Changed in samba (Ubuntu):
importance: Undecided → Low
status: Incomplete → Triaged