[Samba] samba PDC/NIS client

Simon Matthews simon.d.matthews at gmail.com
Fri Mar 9 14:04:07 MST 2012 

On Fri, Mar 9, 2012 at 6:15 AM, Gaiseric Vandal
<gaiseric.vandal at gmail.com>wrote:

> I don't think is this a samba issue.   Samba accounts need to have a
> corresponding unix account.   Shouldn't matter if they are in NIS or
> /etc/passwd.   If you have users in both it could get a problem.
>
> Is "getent passwd" really showing the users from NIS?


Yes.  In fact, for those users who are in both the /etc/passwd and nis
tables, it shows both entries (and the details match between both entries)

 How about "getent shadow" (assuming a linux machine and not solaris,


No, this only shows the users with entries in /etc/shadow. However:
1. getent passwd includes the hashed passwords of users in the nis tables
2. It was not necessary to add the user to /etc/shadow in order to allow
samba domain logins. All I had to do was add the user to /etc/passwd.


> and probably doesn't matter anyway.)   Do you have an /etc/nsswitch.conf
> entry for
>
>    shadow:  files nis
>
Yes

>
>
> Are you missing the : in the nsswitch.conf entries?
>
No.

>
> Are your user names all in lower case?  Are they all 8 characters or under.


 Yes.

Simon

>
>
>
>
>
>
>
> On 03/08/12 22:46, Simon Matthews wrote:
>
>> I have a server which is a samba PDC and has recently been converted to an
>> NIS client. For historic reasons, many users login information is in the
>> local machine's /etc/passwd and /etc/shadow files.
>>
>> samba is set up to use a tdbsam database.
>>
>> I got the first indication of problems when I tried to add a user using
>> the
>> smbpasswd -a command. I found that smbpasswd would not recognize the user
>> unless either the username was in the /etc/passwd file, or I changed
>> /etc/nsswitch.conf from
>> passwd compat
>> TO:
>> passwd files nis
>>
>> However, if I make the latter change, the user cannot log into any Windows
>> machines that are controlled by my PDC. To allow logins, all I have to do
>> is
>> ypcat passwd | grep<username>  >>  /etc/passwd
>> After this, the user can log in.
>>
>> Is there any configuration of samba that will allow it to properly
>> recognize user data from the NIS map and not require the user to be listed
>> in the /etc/passwd file?
>>
>> Simon
>>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>
>

More information about the samba mailing list