Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 1364108

Summary: wbinfo -u --domain='*' returns Error looking up domain users
Product: Red Hat Enterprise Linux 7 Reporter: Robin Hack <rhack>
Component: sambaAssignee: Andreas Schneider <asn>
Status: CLOSED NOTABUG QA Contact: Robin Hack <rhack>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.3CC: asn, gdeschner, jrivera
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-08-09 12:53:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Description Flags
Logs none

Description Robin Hack 2016-08-04 13:40:48 UTC
Description of problem:

Version-Release number of selected component (if applicable):

Worked on rhel7.2

How reproducible:
Many times.. not always.

Steps to Reproduce:
1. join samba to windows 2003 AD with

# Generated by authconfig on 2016/08/04 09:10:09
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future

   workgroup = ZELGROUP
   password server = *
   realm = ZELGROUP.ZEL
   security = ADS
   idmap config * : range = 10000-20000
   winbind separator = +
   template shell = /bin/bash
   kerberos method = secrets only
   winbind use default domain = false
   winbind offline logon = true

;kerberos method = secrets and keytab
log level = 10
;winbind separator = +
winbind enum users = yes
idmap config * : range = 10000-20000
server signing = auto
netbios name = qeos-235
;workgroup = ZELGROUP
;security = ADS
;password server = *
wins server =, 
encrypt passwords = yes
read only  = no
path = /tmp/tmp.HuN7g2Lub1

2. call 

Actual results:

Expected results:
should work?

Additional info:
All logs are attached.

Comment 1 Robin Hack 2016-08-04 13:41:45 UTC
Created attachment 1187516 [details]

Comment 4 Andreas Schneider 2016-08-08 15:16:48 UTC
The winbind child for the domain 'CHILD' is trying to connect to it's DC server but fails. So it tries several ways (hosts, bcast, ...) to lookup the DC. However in the meantime we run into 'winbind request timeout' (see man smb.conf) and wbinfo stops with:

wbinfo -u --domain='*'     
Error looking up domain users

Increasing the value for the smb.conf option 'winbind request timeout' allows the wbinfo to wait till it receives the response from the main winbind.

A customer really shouldn't do 'wbinfo -u --domain='*', especially in a huge domain with thousands of users in each trusted domain.

Comment 5 Andreas Schneider 2016-08-08 15:19:20 UTC
I think the issue here is simply broken QA infrastructure :)

Robin, do you agree?

Comment 6 Robin Hack 2016-08-09 11:46:41 UTC
I disagree. Test works fine with rhel7.2.

Comment 8 Robin Hack 2016-08-09 12:17:00 UTC
Looks fixed by raising
winbind request timeout to 120