Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1364108 - wbinfo -u --domain='*' returns Error looking up domain users
Summary: wbinfo -u --domain='*' returns Error looking up domain users
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: samba
Version: 7.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Andreas Schneider
QA Contact: Robin Hack
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-08-04 13:40 UTC by Robin Hack
Modified: 2016-08-09 12:53 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-08-09 12:53:15 UTC


Attachments (Terms of Use)
Logs (deleted)
2016-08-04 13:41 UTC, Robin Hack
no flags Details

Description Robin Hack 2016-08-04 13:40:48 UTC
Description of problem:


Version-Release number of selected component (if applicable):
samba-4.4.4-4

Worked on rhel7.2

How reproducible:
Many times.. not always.

Steps to Reproduce:
1. join samba to windows 2003 AD with
smb.conf:
[global]
#--authconfig--start-line--

# Generated by authconfig on 2016/08/04 09:10:09
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future

   workgroup = ZELGROUP
   password server = *
   realm = ZELGROUP.ZEL
   security = ADS
   idmap config * : range = 10000-20000
   winbind separator = +
   template shell = /bin/bash
   kerberos method = secrets only
   winbind use default domain = false
   winbind offline logon = true

#--authconfig--end-line--
;kerberos method = secrets and keytab
log level = 10
;winbind separator = +
winbind enum users = yes
idmap config * : range = 10000-20000
;realm = ZELGROUP.ZEL
server signing = auto
netbios name = qeos-235
;workgroup = ZELGROUP
;security = ADS
;password server = *
wins server = 10.34.36.16, 
encrypt passwords = yes
[zelshare]
read only  = no
path = /tmp/tmp.HuN7g2Lub1

2. call 
3.

Actual results:
fails

Expected results:
should work?

Additional info:
All logs are attached.

Comment 1 Robin Hack 2016-08-04 13:41:45 UTC
Created attachment 1187516 [details]
Logs

Comment 4 Andreas Schneider 2016-08-08 15:16:48 UTC
The winbind child for the domain 'CHILD' is trying to connect to it's DC server but fails. So it tries several ways (hosts, bcast, ...) to lookup the DC. However in the meantime we run into 'winbind request timeout' (see man smb.conf) and wbinfo stops with:

wbinfo -u --domain='*'     
Error looking up domain users

Increasing the value for the smb.conf option 'winbind request timeout' allows the wbinfo to wait till it receives the response from the main winbind.

A customer really shouldn't do 'wbinfo -u --domain='*', especially in a huge domain with thousands of users in each trusted domain.

Comment 5 Andreas Schneider 2016-08-08 15:19:20 UTC
I think the issue here is simply broken QA infrastructure :)

Robin, do you agree?

Comment 6 Robin Hack 2016-08-09 11:46:41 UTC
I disagree. Test works fine with rhel7.2.

Comment 8 Robin Hack 2016-08-09 12:17:00 UTC
Looks fixed by raising
winbind request timeout to 120


Note You need to log in before you can comment on or make changes to this bug.