Ubuntu
samba package

libnss-winbind truncates user names

Bug #1531821 reported by Christian Felsing
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
samba (Ubuntu)
New
Undecided
Unassigned

Bug Description

Problem:

getent passwd lists a /etc/passwd like list of known users. If there are active directory users you may get an output like that:

AUTH\short#1234567.net:*:3000123:100:short#1234567.net:/home/AUTH/short#1234567.net:/bin/false
AUTH\longername#1234567.ne:*:3000124:100:longername#1234567.net:/home/AUTH/longername#1234567.ne:/bin/false

At "longername" may should notice the truncation of TLD name .net to .ne

There are more issues arising from that, e.g.
su - longername#1234567.ne work, but su - longername#1234567.net does not work.

Expected behavior:

getent passwd should display:

AUTH\short#1234567.net:*:3000123:100:short#1234567.net:/home/AUTH/short#1234567.net:/bin/false
AUTH\longername#1234567.net:*:3000124:100:longername#1234567.net:/home/AUTH/longername#1234567.net:/bin/false

Config:

smb.conf

[global]
 workgroup = AUTH
 realm = auth.lan
 netbios name = AD3
 server role = active directory domain controller
 dns forwarder = 192.168.117.1

 auth methods = sam, winbind
 server services = s3fs, winbind, rpc, nbt, wrepl, cldap, ldap, kdc, drepl, ntp_signd, kcc, dnsupdate, dns
 dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver, remote, winreg, srvsvc

 idmap_ldb:use rfc2307 = yes
 idmap config *:backend = tdb
 idmap config *:range = 10000-99999
 idmap config AUTH : backend = ad
 idmap config AUTH : range = 100000-999999
 idmap config AUTH : schma_mode = rfc2307

 winbind nss info = rfc2307
 winbind trusted domains only = no
 winbind use default domain = yes
 winbind enum users = yes
 winbind enum groups = yes
 winbind refresh tickets = Yes

[netlogon]
 path = /var/lib/samba/sysvol/auth.lan/scripts
 read only = No

[sysvol]
 path = /var/lib/samba/sysvol
 read only = No

involved packages:

ii libnss-winbind:amd64 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Samba nameservice integration plugins
ii libpam-winbind:amd64 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Windows domain authentication integration plugin
ii libwbclient0:amd64 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Samba winbind client library
ii winbind 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 service to resolve user and group information from Windows NT servers
ii python-samba 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Python bindings for Samba
ii samba 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 SMB/CIFS file, print, and login server for Unix
ii samba-common 2:4.1.6+dfsg-1ubuntu2.14.04.11 all common files used by both the Samba server and client
ii samba-common-bin 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Samba common files used by both the server and the client
ii samba-dsdb-modules 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Samba Directory Services Database
ii samba-libs:amd64 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Samba core libraries
ii samba-vfs-modules 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Samba Virtual FileSystem plugins
ii libpam-winbind:amd64 2:4.1.6+dfsg-1ubuntu2.14.04.11 amd64 Windows domain authentication integration plugin

Other information:

Description: Ubuntu 14.04.3 LTS
Release: 14.04

libnss-winbind:
  Installiert: 2:4.1.6+dfsg-1ubuntu2.14.04.11
  Installationskandidat: 2:4.1.6+dfsg-1ubuntu2.14.04.11
  Versionstabelle:
 *** 2:4.1.6+dfsg-1ubuntu2.14.04.11 0
        500 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ trusty-security/universe amd64 Packages
        100 /var/lib/dpkg/status
     2:4.1.6+dfsg-1ubuntu2 0
        500 http://archive.ubuntu.com/ubuntu/ trusty/universe amd64 Packages

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.