[Samba] wbinfo -u Don't show users from trusted(ing) domain on domain member server
Wasil
sub_wasil at mail.ru
Wed Mar 16 03:35:19 MDT 2011
Hi, All!
I Have Samba (3.5.6) domain witch have trust relations with ADS (Named TEST) Win2008 (2008 domain mode)
On PDC all working very good.
I have also Domain Member server in my samba Domain.
When i trying type wbinfo -u, or getent passwd on samba PDC (Named BINKLG) I see all, including ADS users.
When I trying do it on Domain Member Server I don't see users from ADS
Is it possible to view thats users (from trusted domain) on DMS (not BDC)?
Samba 3.5.6
after typing wbinfo -u:
suspicious strings in log files
loglevel 10:
log.wb-TEST
[2011/03/16 10:55:56.466417, 10] winbindd/winbindd_util.c:1337(winbindd_can_contact_domain)
winbindd_can_contact_domain: TEST is an AD domain and we have no inbound trust.
[2011/03/16 10:55:56.466470, 10] winbindd/winbindd_rpc.c:55(query_user_list)
query_user_list: No incoming trust for domain TEST
loglevel 3:
log.wb-TEST
[2011/03/16 11:07:23.731615, 3] winbindd/winbindd_cm.c:1633(connection_ok)
connection_ok: Connection to KLG-PDC1 for domain BINKLG is not connected
[2011/03/16 11:07:23.731717, 3] winbindd/winbindd_cm.c:1736(set_dc_type_and_flags_trustinfo)
set_dc_type_and_flags_trustinfo: No connection to our domain!
[2011/03/16 11:07:23.742157, 3] winbindd/winbindd_rpc.c:48(query_user_list)
rpc: query_user_list
smb.conf
[global]
workgroup = BINKLG
security = domain
netbios name = DW-DEBIAN
username map = /etc/samba/smbusers
log level= 10
syslog = 0
log file = /var/log/samba/%m
max log size = 0
#smb ports = 139
name resolve order = wins bcast hosts
wins server = xx.xx.xx.xx
idmap uid = 10000 - 20000
idmap gid = 10000 - 20000
template shell = /bin/bash
#winbind separator = +
realm = XXX.XXXX.XXX
encrypt passwords = yes
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
allow trusted domains = yes
winbind nested groups = yes
#client use spnego = no
password server = KLG-PDC1
nsswitch.conf
passwd: files ldap winbind
group: files ldap winbind
shadow: files ldap winbind
hosts: files wins dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
publickey: nisplus
netgroup: files
libnss_ldap.conf
host xx.xx.xx.xx
base dc=xxx,dc=xxxxx,dc=xxx
binddn cn=Administrator,dc=xxx,dc=xxxxx,dc=xxx
bindpw xxxxxxx
timelimit 50
bind_timelimit 50
bind_policy hard
idle_timelimit 3600
pam_password exop
nss_base_passwd dc=xxx,dc=xxxxx,dc=xxx
nss_base_shadow dc=xxx,dc=xxxxx,dc=xxx
nss_base_group dc=xxx,dc=xxxxx,dc=xxx
ssl off
Thank you,
Wasil.
More information about the samba
mailing list