[Samba] Winbind - wbinfo -u works, getent passwd only gives local users

Henrik Zagerholm henke at mac.se
Thu May 24 20:51:40 GMT 2007 

Did you link libnss_winbind correctly?

http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ 
winbind.html#id412579

Cheers,
henrik
23 maj 2007 kl. 00:02 skrev David Lee:

> Thanks for the suggestion, but these are already set.
>
> I am not making any progress on this.
>
> David Lee
>
> On Friday 18 May 2007 08:53, Alex Crow wrote:
>> In smb.conf, do you have
>> winbind enum groups = yes
>> winbind enum users = yes ?
>>
>> I got stumped by this myself but these seem now to be off by  
>> default and
>> need to be added for nsswitch to enumerate users/groups.
>>
>> Cheers
>>
>> Alex
>>
>> On Thu, 2007-05-17 at 18:30 +0100, David Lee wrote:
>>> Hi Rune
>>> I have
>>>
>>> passwd:         compat winbind
>>> group:          compat winbind
>>> shadow:         compat
>>>
>>> hosts:          files dns
>>> networks:       files
>>>
>>> protocols:      db files
>>> services:       db files
>>> ethers:         db files
>>> rpc:            db files
>>>
>>> netgroup:       nis
>>>
>>> and am now wondering what the netgroup entry is doing.
>>> Other than that, it looks OK to me.
>>>
>>> Removing the netgroup entry does not help.
>>>
>>> David Lee
>>>
>>> ----------  Forwarded Message  ----------
>>>
>>> Subject: Re: [Samba] Winbind  - wbinfo -u works, getent passwd  
>>> only gives
>>> local users
>>> Date: Thursday 17 May 2007 01:20
>>> From: Rune Tønnesen
>>>
>>> Hi' David
>>>
>>> have you checked your setup in the /etc/nsswitch.conf file?
>>> --
>>> Rune Tønnesen
>>> Venlig Hilsen/Best Regards
>>>
>>>> I only have limited Samba experience, and expect this is a silly
>>>> mistake, but have been unable to find a solution
>>>>
>>>> I have installed Samba and Winbind on my desktop Linux (Debian)  
>>>> machine
>>>> (SPARKSTONELX), aiming to unify logins with other windows machines
>>>> accessing the PDC, again samba/Debian, with tdbsam password  
>>>> backend.
>>>> All is well, joining the domain, and getting account details using
>>>> wbinfo -u, but getent passwd only gives the local account details.
>>>>
>>>> The log file on the PDC (FILESTONE) reports
>>>>
>>>> [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242)
>>>>   get_md4pw: Workstation SPARKSTONELX$: no account in domain
>>>> [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2 
>>>> (461)
>>>>   _net_auth2: failed to get machine password for account  
>>>> SPARKSTONELX$:
>>>> NT_STATUS_ACCESS_DENIED
>>>>
>>>> [2007/05/15 22:31:52, 1]
>>>> nsswitch/winbindd_group.c:winbindd_getgrnam(259) group  
>>>> sparkstonelx$ in
>>>> domain STONES does not exist
>>>>
>>>> and on the Linux desktop
>>>>
>>>> [2007/05/15 22:30:18, 1]
>>>> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
>>>>   cli_pipe_validate_current_pdu: RPC fault code
>>>> DCERPC_FAULT_OP_RNG_ERROR received from remo
>>>> te machine FILESTONE pipe \lsarpc fnum 0x767a!
>>>> [2007/05/15 22:30:18, 1]
>>>> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
>>>>   cli_pipe_validate_current_pdu: Bind NACK received from remote
>>>> machinesparkstonelx:/var/log/samba# wbinfo --own-domain
>>>> STONES
>>>> sparkstonelx:/var/log/samba# wbinfo -t
>>>> checking the trust secret via RPC calls succeeded
>>>> sparkstonelx:/var/log/samba# wbinfo -D stones
>>>> Name              : STONES
>>>> Alt_Name          :
>>>> SID               : S-1-5-21-835963941-2627181251-1431239077
>>>> Active Directory  : No
>>>> Native            : No
>>>> Primary           : Yes
>>>> Sequence          : 1179266454
>>>>  FILESTONE pipe \samr
>>>>  fnum 0x767b!
>>>> [2007/05/15 22:30:18, 0]
>>>> rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
>>>>   cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with
>>>> error NT_STATUS_NETWORK_
>>>> ACCESS_DENIED
>>>> [2007/05/15 22:30:18, 1]
>>>> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
>>>>   cli_pipe_validate_current_pdu: Bind NACK received from remote  
>>>> machine
>>>> FILESTONE pipe \lsar
>>>> pc fnum 0x767e!
>>>> [2007/05/15 22:30:18, 0]
>>>> rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
>>>>   cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with
>>>> error NT_STATUS_NETWORK_
>>>> ACCESS_DENIED
>>>>
>>>> but
>>>>
>>>> sparkstonelx:/var/log/samba# wbinfo --own-domain
>>>> STONES
>>>> sparkstonelx:/var/log/samba# wbinfo -t
>>>> checking the trust secret via RPC calls succeeded
>>>> sparkstonelx:/var/log/samba# wbinfo -D stones
>>>> Name              : STONES
>>>> Alt_Name          :
>>>> SID               : S-1-5-21-835963941-2627181251-1431239077
>>>> Active Directory  : No
>>>> Native            : No
>>>> Primary           : Yes
>>>> Sequence          : 1179266454
>>>>
>>>> Any ideas?
>>>>
>>>> My network is about 6 machines in a Christian community, some  
>>>> being XP
>>>> home, which limits my possible security settings!
>>>> --
>>>> David Lee
>>>> ----------------------------
>>>> Living Stones, Flore, UK
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>>>
>>> -------------------------------------------------------
>>>
>>> --
>>> David Lee
>>> ----------------------------
>>> Living Stones, Flore, UK
>
> -- 
> David Lee
> ----------------------------
> Living Stones, Flore, UK
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list