[Samba] sernet samba nss

Rowland Penny rowlandpenny at googlemail.com
Fri Jul 25 02:00:05 MDT 2014 

On 25/07/14 05:39, Hauke Homburg wrote:
> Hello,
>
> At this moment i setup a SAMBA 4 Memberserver. I installed the 
> following packages:
>
> ii  libwbclient0:amd64 99:4.1.9-8                    amd64        Glue 
> package for sernet-samba-libs.
> ii  sernet-samba 99:4.1.9-8                    amd64        SMB/CIFS 
> file, print, and login server for Unix
> ii  sernet-samba-ad 99:4.1.9-8                    amd64        Samba 
> Active Directory Domain Controller
> ii  sernet-samba-client 99:4.1.9-8                    amd64        a 
> LanManager-like simple client for Unix
> ii  sernet-samba-common 99:4.1.9-8                    all          
> Samba common files used by both the server and the client
> ii  sernet-samba-keyring 1.4                           all          
> GnuPG archive keys of the SerNet Samba archive
> ii  sernet-samba-libpam-smbpass:amd64 99:4.1.9-8                    
> amd64        Glue package for sernet-samba-libs.
> ii  sernet-samba-libs:amd64 99:4.1.9-8                    amd64        
> Samba common library files used by both the server and the client
> ii  sernet-samba-libsmbclient0:amd64 99:4.1.9-8                    
> amd64        Shared library that allows applications to talk to SMB 
> servers
> ii  sernet-samba-winbind 99:4.1.9-8                    amd64        
> Samba nameservice integration serve
>
> my smb.conf:
>
> # Global parameters
> [global]
>
>    netbios name = SRV001
>    workgroup = test
>    security = ADS
>    realm = test.local
>    encrypt passwords = yes
>
>    idmap config *:backend = tdb
>    idmap config *:range = 70001-80000
>    idmap config test:backend = ad
>    idmap config test:schema_mode = rfc2307
>    idmap config test:range = 500-40000
>
>    winbind nss info = rfc2307
>    winbind trusted domains only = no
>    winbind use default domain = yes
>    winbind enum users  = yes
>    winbind enum groups = yes
>
>    log level = 3
>
> My nssswitch.conf:
>
> # /etc/nsswitch.conf
> #
> # Example configuration of GNU Name Service Switch functionality.
> # If you have the `glibc-doc-reference' and `info' packages installed, 
> try:
> # `info libc "Name Service Switch"' for information about this file.
>
> passwd:         compat winbind
> group:          compat winbind
> shadow:         compat
>
> hosts:          files dns
> networks:       files
>
> protocols:      db files
> services:       db files
> ethers:         db files
> rpc:            db files
>
> netgroup:       nis
>
> wbinfo -u tells me Domain Users, wbinfo -g tells me domain groups. But 
> with getent passwd i don't see the domain users.
>
> I used 
> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server#Make_domain_users.2Fgroups_available_locally_through_Winbind
>
> can you help me?
>
> Hauke
I think that because you are using the sernet packages, you may have to 
set PAM up manually, see this post:

https://lists.samba.org/archive/samba/2014-April/180404.html

Rowland

More information about the samba mailing list