[Bug 207791] Re: winbind forgets uid/name gid/name mappings in regulary periods

Drew Scott Daniels ddaniels at umalumni.mb.ca
Sat Mar 27 15:22:00 GMT 2010 

To people saying they have related bugs:

This bug is for the idmap working fine on initial login, but the mapping
being lost after the cache time is exceeded (with no other related
winbind activity like authentications/logins). The id mapping can be
seen (or seen as failed) using "ls" in a directory with files owned by
an active directory user (success shows names, failure shows numbers).

Preferably in a single comment please answer the following questions/steps:
0. Please file a separate bug if it's a separate issue.
1. If you find a configuration or specific set of versions that work, please list all the differences.
2. Please try everything below with a fresh install of lucid on a separate non-production system, if possible.
3. Please list the most recent package versions (e.g.: "dpkg -l|grep -i samba", and maybe other packages. ubuntu-bug might help). It'd also be useful to list your distribution even if it's clear from the version numbers, just to save time looking it up.
4. Please list relevant configuration options (e.g. both winbind and idmap  sections of /etc/samba/smb.conf and maybe more. ubuntu-bug might post the entire configuration file).
5. Check the log files for related information. /var/log/samba/log.winbind* might be more useful than some of the other log files. Post anything that might be relevant.
6. If using rid or ads as the backend, try to find out if you can still query the domain controller with wbinfo -u and wbinfo -g. You may need to check klist, net ads status, net ads info to see if your kerberos key didn't get renewed. Some of this should be run under sudo with an Active Directory (AD) authenticated user. Consider posting some of the output.
7. Try disabling the cache. Maybe try both "winbind cache time 0 " in smb.conf and with the line missing if you're not sure which disables the cache. Post to the bug the results of trying to get the mapping (e.g. by ls on a file owned by an Active Directory mapped user).
8. Try "winbind offline logon = false" in smb.conf and post the results of before and after cache timeout.
9. Post any information you can about the cache and mapping files. This could be a tbl file. The log files might give some information about this.
10. List whether you did a fresh install of Ubuntu or an upgrade. If it was an upgrade, what version(s) did you upgrade from?
11. Did you try any other idmap backends? If so, please list which ones and what order. I believe there might be a bug on switching backends without deleting a mapping file.

Thanks,

     Drew Daniels
Resume: http://www.boxheap.net/ddaniels/resume.html

-- 
winbind forgets uid/name gid/name mappings in regulary periods
https://bugs.launchpad.net/bugs/207791
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.

More information about the Ubuntu-server-bugs mailing list