Winbind on Samba 2.2.2-pre

leif.klepp at leif.klepp at
Thu Sep 20 03:39:01 GMT 2001


   Not sure whether this is ntdomain only, or part technical,
   so please excuse cross-posting

As the subject says, I'm trying to run Winbind on Samba 2.2.2-pre,
just dl'ed from CVS.

Running Win2K on domain servers, one PDC, one BDC.

Samba 2.2.2-pre compiled with following options:

Linux server running RedHat 7.1, with custom kernel including
XFS support, ACLs, and Compaq FibreChannel support (if relevant).

I could not find samedit, so I used smbpasswd to join the domain.
No errors (Joined domain).

"wbinfo -t" claims that the "secret is good"
"wbinfo -n <username>" resolves to SID
"wbinfo -u" results in "error looking up domain users"
"wbinfo -g" results in "error looking up domain groups"

"getent passwd" and "getent groups" lists only my Unix-created ones copied to /lib copied to /lib/security

Tried to fix /etc/pam.d/login .../passwd and .../samba to enable
domain logins, but does not work correctly yet..
According to my "messages" log, pam_winbind authorises the user,
but the user is not known to the underlying authentication arch.
(I presume this may mean that my pam-settings are screwed up)

I have a bunch of .tdb's in the .../locks directory, including:
 winbindd_idmap.tdb => 8192 bytes
 winbindd_cache.tdb => 696 bytes

When I was running winbindd with a higher debug-level, I did
see some error messages which claimed access denied (possibly

If anybody has any clues or opinion as to what may be the problem(s),
and/or the correct pam settings for domain logons to the linux server
(both console and samba), I'm more than happy to restart the samba
deamons (including winbind) with a higher debug level and provide
the log (or extracts to the list)..

Thanks in advance,
/Leif K.

More information about the samba-technical mailing list