# samba4 as domain member, winbind doesn't find user



## huehnerhose (Oct 7, 2014)

Hi,

I am trying (a long time now) to get a samba4 server as a domain member in a Windows ADS network of my university. The configuration of that domain is not "the standard" so I had many troubles on the way. But finally I was able to get my samba4 and winbind to find users and groups and so on, but not always and not all... the details:

`wbinfo -u` lists all (100k+) domain users as DOMAIN\username.
`wbinfo -i username@domain` finds sometimes user. Specifically: After a reboot I am able to get 5-10 user details before i*I*am stuck with:

```
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user username@domain
```
After that I can use `wbinfo --authenticate=username@domain` and enter the password. After doing this I am able to get user details (`wbinfo -i`) of that user without any problems.

I really "just" want do use that whole authentication stuff to deliver shares to my users, based on their membership in various groups via SMB. My tests show (love that phrase) as long as I am able to get user information via `wbinfo -i`, Samba is able to authenticate this user. If wbinfo doesn't work I'll get 

```
Failed to map kerberos principal to system user (NT_STATUS_LOGON_FAILURE)
```
in /var/log/samba4/log.smbd.

Do you have any ideas why wbinfo, and therefore winbind, changes its behavior?

Thanks!


----------

