Samba problems joing to a Windows 2003 ADS

David kacuba thewho212000 at yahoo.com
Tue May 6 16:33:24 GMT 2008 

 
  I get errors with wbinfo-u error looking up domain users. 
   
  wbinfo -u 
  BUILTIN+administrators
BUILTIN+users.
   
   nsswitch/winbindd_util.c:trustdom_recv(235)
  Could not receive trustdoms
[2008/05/06 12:18:02, 1] nsswitch/winbindd_util.c:trustdom_recv(235)
  Could not receive trustdoms
[2008/05/06 12:23:02, 1] nsswitch/winbindd_util.c:trustdom_recv(235)
  Could not receive trustdoms
[2008/05/06 12:27:57, 1] nsswitch/winbindd_ads.c:ads_cached_connection(128)
  ads_connect for domain FAMILYENRICHMEN failed: Invalid credentials
[2008/05/06 12:28:29, 1] nsswitch/winbindd_util.c:trustdom_recv(235)
  Could not receive trustdoms
  2008/05/06 11:25:06, 1] smbd/sesssetup.c:reply_spnego_kerberos(439)
  Username FAMILYENRICHMEN+dkacuba is invalid on this system

   
   
  here is my smb.conf
   
  [global]
  # workgroup = NT-Domain-Name or Workgroup-Name
   workgroup = FAMILYENRICHMEN
  # server string is the equivalent of the NT Description field
        server string = Samba Server
  # This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
;   hosts allow = 192.168.0.1 192.168.2. 127.
  # if you want to automatically load your printer list rather
# than setting them up individually then you'll need this
        printcap name = /etc/printcap
        load printers = yes
  # It should not be necessary to spell out the print system type unless
# here. See the man page for details.
;   interfaces = 192.168.12.2/24 192.168.13.2/24
  # Configure remote browse list synchronisation here
#  request announcement to, or browse list sync from:
#       a specific host or from / to a whole subnet (see below)
;   remote browse sync = 192.168.3.25 192.168.5.255
# Cause this host to announce itself to local subnets here
;   remote announce = 192.168.1.255 192.168.2.44
  # Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
;   local master = no
  # OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
;   os level = 122
  # Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
;   domain master = no
   # Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
;   domain logons = no
  # if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
;   logon script = %m.bat
# run a specific logon batch file per username
;   logon script = %U.bat
  # Where to store roving profiles (only for Win95 and WinNT)
#        %L substitutes for this servers netbios name, %U is username
#        You must uncomment the [Profiles] share below
;   logon path = \\%L\Profiles\%U
  # All NetBIOS names must be resolved to IP Addresses
# 'Name Resolve Order' allows the named resolution mechanism to be specified
# the default order is "host lmhosts wins bcast". "host" means use the unix
# system gethostbyname() function call that will use either /etc/hosts OR
# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf
# and the /etc/resolv.conf file. "host" therefore is system configuration
# dependant. This parameter is most often of use to prevent DNS lookups
# in order to resolve NetBIOS names to IP Addresses. Use with care!
# The example below excludes use of name resolution for machines that are NOT
# on the local network segment
# - OR - are not deliberately to be known via lmhosts or via WINS.
; name resolve order = wins lmhosts bcast
  # Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
;   wins support = no
  # WINS Server - Tells the NMBD components of Samba to be a WINS Client
#       Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
;   wins server = 192.168.1.155
  # WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one  WINS Server on the network. The default is NO.
;   wins proxy = no
  # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
# this has been changed in version 1.9.18 to no.
  # this has been changed in version 1.9.18 to no.
;       dns proxy = no
  # Case Preservation can be handy - system default is _no_
# NOTE: These can be set on a per share basis
;  preserve case = no
;  short preserve case = no
# Default case is normally upper case for all DOS files
;  default case = lower
# Be very careful with case sensitivity - it can break things!
;  case sensitive = no
  #============================ Share Definitions ==============================
   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
   template shell = /sbin/nologin
   winbind use default domain = true
   security = ads
   realm = FamilyEnrichmentNetwork.local
   winbind separator = +
   winbind enum users = yes
   winbind enum groups = yes
   client use spnego = Yes
   encrypt passwords = yes
   guest ok = no
   guest account = nobody
;   spnego = yes
    oplocks = no
   level2 oplocks = no
    kernel oplocks = no
  [homes]
        comment = Home Directories
        browseable = no
        writeable = yes
  # Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
;   comment = Network Logon Service
;   path = /home/netlogon
;   guest ok = yes
;   writable = no
;   share modes = no
   
  krb5.conf
  [logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
  [libdefaults]
 default_realm = FamilyEnrichmentNetwork.local
 dns_lookup_realm = False
 dns_lookup_kdc = False
 ticket_lifetime = 24h
 forwardable = yes
  [realms]
 FamilyEnrichmentNetwork.lcoal = {
  kdc = 192.168.0.1
  admin_server = 192.168.0.1
  default_domain = FamilyEnrichmentNetwork.local
 }
  [domain_realm]
 .FamilyEnrichmentNetwork.local = FamilyEnrichmentNetwork.local
 FamilyEnrichmentNetwork.local= FamilyEnrichmentNetwork.local
  kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
  [libdefaults]
 default_realm = FamilyEnrichmentNetwork.local
 dns_lookup_realm = False
 dns_lookup_kdc = False
 ticket_lifetime = 24h
 forwardable = yes
   
  nsswitch.conf
  nsspasswd:     files winbind
shadow:     files winbind
group:      files winbind
   
  
 
  
 
  Thanks for your help sorry so long





       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.

More information about the samba-technical mailing list