[Samba] ADS mode - differences between W2K and 2003?
smc+samba at dogphilosophy.net
smc+samba at dogphilosophy.net
Thu Jul 21 19:36:00 GMT 2005
I'm having a bizarre problem doing authentication via winbind against a
Windows 2003 server.
Aside from changing the hostname information, etc. as appropriate for
krb5.conf and smb.conf, the configuration I'm using is one that I copied from
another server that is successfully authenticating against ads.
The two systems I'm having trouble with are running Suse Linux Enterprise
Server 9 and Suse Linux Professional 9.3, respectively. Both have the same
odd problem:
As configured, everything seems like it should work. I kinit'd as
administrator to the Windows 2003 server successfully. "net ads join"
appears to have joined the computers to the domain successfully. "getent
passwd" and "wbinfo -u" both give me listings of the "domain users" on the
Windows 2003 server. "wbinfo -U (domain user UID)" does give me the SID
of the domain user in question (domain users mapped as UID 15000-30000).
However, "getent passwd (domain user name)" doesn't work at all. It gives no
response (no errors, just drops back to command line). 'strace getent passwd
(user)' doesn't even show that libnss_winbind.so is being opened (even though
"getent passwd" to get the list is.)
Is this a Windows 2003 issue? I've seen mention of winbind doing "funny
things" like this before on the mailing list, but don't recall any firm
resolutions. Any help would be appreciated. Thanks.
(These symptoms appear to happen with both 3.0.14a from Suse and the
3.0.20pre2 rpm's from the Samba server).
More information about the samba
mailing list