[Samba] AD Question
Jason Gerfen
jason.gerfen at scl.utah.edu
Mon Nov 7 19:58:46 GMT 2005
I have a question regarding joining a Samba 3 machine to a Windows 2000
Domain using ADS authentication.
I have been able to join the machine to the domain, enumerate users with
getent and wbinfo -u. The problem I am having is with a Windows 2000
default domain setup an AD object is created:
CN=Users,DC=Domain,DC=Com
Generally all users created belong in this container. I am able to
enumerate every user account in the domain EXCEPT this one? Can someone
help me with this?
[smb.conf]
[global]
workgroup = SCL
realm = SCL.UTAH.EDU
server string = new-odin.domain.com
security = ADS
update encrypted = Yes
password server = *
password level = 20
preferred master = No
domain master = No
idmap uid = 500-500000
idmap gid = 500-500000
winbind separator = /
winbind cache time = 5
winbind use default domain = Yes
winbind nested groups = Yes
[odin]
comment = ODIN
path = /odin
read only = No
inherit acls = Yes
[krb5.conf]
[libdefaults]
default_realm = DOMAIN.COM
clockskew = 300
[realms]
DOMAIN.COM = {
kdc = 10.10.1.95
default_domain = domain.com
admin_server = 10.10.1.95
}
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
[domain_realm]
.domain.com = DOMAIN.COM
domain.com = DOMAIN.COM
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 0
}
Any help is appreciated.
--
Jason Gerfen
"My girlfriend threated to
leave me if I went boarding...
I will miss her."
~ DIATRIBE aka FBITKK
More information about the samba
mailing list