winbind in samba-HEAD
Paul Sanders
sanders_p at univerahealthcare.org
Wed Jan 3 21:29:48 GMT 2001
>has anybody been able to get winbind to compile in the samba-HEAD cvs?
>Armand Welsh
Howdy!
We have run into similar problems - apparently the winbind code in samba 2.2
was included only to verify compilation and is not functional [this is what i
gather from reading the mailing lists for the last two months...]. We have
found a couple ways to build winbind as follows [again, this has been gleaned
from many posts and threads...]:
One way [used by my partner Adam Read - see his posts on the subject for the
errors we were recieving]:
We are using Redhat 6.2.
Get CVS of SAMBA_2_2 then do
configure --with-pam
make
make install
then get CVS of TNG, cd to the TNG source and then do
configure
make
make nsswitch [this pulls in the latest winbind code from the TNG
branch]
you will then need to copy a few files:
libnss_winbind.so => /lib/libnss_winbind.so.2
pam_winbind.so => /lib/security/pam_winbind.so
/source/bin/winbindd => /usr/local/samba/bin/winbindd [or whatever path you
use...]
from there follow the winbindd man page for details on getting on the domain,
etc.
Another way [used by me on this very day...]
Again with the Redhat 6.2 already...
I obtained CVS of HEAD [pre 3.0 with alot of TNG/winbind code already
included...] and TNG [PUT THEM IN DIFFERENT TARGETS!]
I then used the samba-appliance-0.5-src.rpm to create the tarball in
/usr/src/redhat/SOURCES and unzipped and untarred it:
rpm -hiv samba-appliance-0.5-src.rpm
cd /usr/src/redhat/SOURCES
tar -zxvf samba-appliance-0.5-src.tar.gz
this creates a directory named samba-appliance-0.5 with two code branches
underneath named HEAD and TNG. These sources are a bit out of date [October '00
!!!!] so copy the /source directories from the branches you just obtained to
those branch sources: in otherwords - copy the TNG/source to
/usr/src/redhat/SOURCES/samba-appliance-0.5/TNG/source and the 2.2 source to
/usr/src/redhat/SOURCES/samba-appliance-0.5/HEAD/source. You now have the
appliance source updated with HEAD [pre 3.0] and TNG sources.
from this point you can attempt to configure, make, make install [i did not do
this] OR you can use the build script included in the appliance package [I did
this...]. To use the build script you first recreate the gzipped tarball from
the appliance directory [this may not really be necessary but I did it anyway to
fit what the script asked for...]
go to the .../SOURCES directory and do
tar -cvf samb-appliance-0.5-src.tar samba-appliance-0.5
gzip samba-appliance-0.5-src.tar
copy build.sh from the appliance to
/usr/src/redhat/SOURCES/samba-appliance-0.5/ and run it [./build.sh]
This method uses the appliance build script which compiles samba with
nsswitch/winbind. We just updated the source with the current CVS of the HEAD
and TNG branches to replace the nonfuntional code that is [apparently] in
SAMBA_2_2.
you then need to copy the libnss_winbind.so and pam_winbind.so files and follow
the rest of the directions in the winbindd manpage.
I think that these methods are accompishing the same goal but in a different
manner. also please keep in mind that I am relatively new to samba and there
are probably several ways to do this that aren't as convoluted. They do,
however, seem to work [or at least get winbind running...].
Hope this is of use to you [or anyone else].
Problems that we are still having:
when we get winbind running and the samba box on the domain we get some
puzzling behavior interacting with NT groups. for instance: 'getent passwd'
dumps a list of all NT domain users but 'getent group' starts listing NT groups
but core dumps part way through. In smb.conf I reduced the winbind gid range to
1000-1057 and 'getent group' will list the first 57 NT groups. If I set it to
1000-1058 or higher we get the seg fault. Does anyone have any ideas on that
one?
Paul Sanders
More information about the samba-technical
mailing list