[Samba] winbind: getent passwd displays the user, but SAMBA
says Get_Pwnam_internals didn't find user
Cédric Delfosse
cedric.delfosse at linbox.com
Thu Nov 16 14:16:40 GMT 2006
Le mercredi 15 novembre 2006 à 20:38 +0100, Cédric Delfosse a écrit :
> SAMBA 3.0.21c (domain is LINBOXTEXT)
> Windows 2000 SP4 (domain is ADTEST)
>
> Hello,
>
> I've established an interdomain trust relationship between SAMBA and
> Windows.
>
> Samba domain users can log into the Windows domain, but Windows domain
> users can't log to the SAMBA server.
Hello,
I upgraded to SAMBA 3.0.23c, and it still doesn't work.
Now "getent passwd" doesn't display the winbind entries (and I added
winbind enum users/groups = * to smb.conf), but wbinfo -u/-g works
And after one restart of samba/winbind, it's worse. I know have this:
# wbinfo --sequence
ADTEST : DISCONNECTED
BUILTIN : 137325808
LINBOXTEST : 137323728
# wbinfo -u
Error looking up domain users
But:
# wbinfo -a "ADTEST\dupond%dupond"
plaintext password authentication failed
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error messsage was: No logon servers
Could not authenticate user ADTEST\dupond%dupond with plaintext password
challenge/response password authentication succeeded
So at least users can be authenticated, but their account information
aren't successfully look up.
I'm now trying Samba 3.0.21d, as it looks like there is tons of winbind
improvements in this version ! )
Regards,
My smb.conf:
[global]
ldap group suffix = ou=Groups
ldap admin dn = cn=admin,dc=linbox,dc=com
add machine script = /usr/lib/lmc/add_machine_script '%u'
domain master = yes
domain logons = yes
preferred master = yes
logon path = \\%N\profiles\%u
netbios name = PDC01
print command =
null passwords = Yes
logon script = logon.bat
lprm command =
printcap name = cups
passdb backend = ldapsam:ldap://127.0.0.1/
workgroup = LINBOXTEST
enable privileges = Yes
ldap user suffix = ou=Users
map acl inherit = Yes
map to guest = Bad User
#name resolve order = bcast
lpq command = %p
log level = 3
ldap suffix = dc=linbox,dc=com
printing = cups
ldap machine suffix = ou=Computers
idmap backend = ldap:ldap://127.0.0.1/
ldap idmap suffix = ou=Idmap
idmap uid = 30000-40000
idmap gid = 30000-40000
# SAMBA 3.0.23c
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 1
wins support = yes
#auth methods = guest sam winbind
log level = 10
--
Cedric Delfosse Linbox / Free&ALter Soft
152, rue de Grigy - Technopole Metz 57070 METZ - FRANCE
tel: +33 (0)3 87 50 87 98 http://linbox.com
More information about the samba
mailing list