[Samba] Re: (3.0.2a) nsswitch/winbindd_user.c:winbindd_getpwnam(157)

[Ken Wright]

Seems as though the log entries below were a red herring. After setting 
local permissions to DOMAIN+USER/GROUP I am able to read/write as 
expected from a domain windoze machine. The smb.conf entries required 
the same format of DOMAIN+USER/GROUP in the share block (valid users =, 
write list = , etc.). I did read where this format was to be 
discontinued in smb.conf but apparently not yet.

What puzzles me now is how to provide equal access to files/directories 
for both local users and domain users. As stated, I have setup the maps 
between local and domain groups using "net groupadd", but as of yet am 
unable to provide local write access to files/directories having domain 
ownership and visa versa. Does groupmap not provide this?

Thanks,

Ken

Ken Wright wrote:

> After connecting to the samba server as a domain user without password 
> challenge, authenticating against a w2k DC (security = ADS), with 
> winbindd running, I can navigate the shares successfully but cannot 
> write to the share.
> 
> I have done "net groupadd ..." to map windoze-unix groups.
> I am assuming from the log enties below that my access problem lies in 
> the given errors. How to resolve?
> 
> Also, I have seen a variety of conflicting examples of how to properly 
> define domain users and groups in smb.conf. Can someone provide the 
> proper definition that has evolved for 3.0.2a?
> 
>  From winbind.log:
> -----------------
> nsswitch/winbindd_user.c:winbindd_getpwnam(157)
> user 'SERVER$' does not exist
> 
>  From the SERVER.log:
> --------------------
> [2004/03/15 18:08:02, 1] smbd/sesssetup.c:reply_spnego_kerberos(245)
> Username DOMAIN+SERVER$ is invalid on this system
> 
> Thanks,
> 
> Ken
> 
>