wbinfo -r with w2k AD

Ulf Händel U.Haendel at dvidee.de
Thu Jan 9 14:57:02 GMT 2003 

Hi all,

while testing to integrate some samba servers in an w2k AD Domain we found
a couple of issues,
i try to summarize it:

W2K Server using SP3

samba versions:
debian unstable package 3.0.alpha21-3
cvs version 08.01.2003 build on debian unstable


all domains set up as standalone domain building forest root and schema
root

smb.conf

workgroup = TEST
realm = TEST.LOC
#realm = TEST.TEST.LOC

security = ads
ads server = w.x.y.z
password server = w.x.y.z
encrypt passwords = yes
passdb backend = tdbsam unixsam
wins server = w.x.y.z

# PasswordChat Section
;    unix password sync = false
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spasswor
;    pam password change = no
    obey pam restrictions = yes

# WinBind Settings
    winbind uid = 10000-20000
    winbind gid = 10000-20000
    template shell = /bin/bash
    winbind separator = +
    winbind enum users = yes
    winbind enum groups = yes
    winbind use default domain = yes


# Other
    panic action = /usr/share/samba/panic-action %d
;    message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &



w2k AD native mode
workgroup:     TEST
Domain:   test.test.loc

wbinfo -r administrator
gives back all groups

wbinfo -r user
gives back only the primary group


w2k AD native mode
workgroup:     TEST
Domain:   test.loc

wbinfo -r administrator
gives back all groups

wbinfo -r user
gives back only the primary group

w2k AD mixed mode
workgroup:     TEST
Domain:   test.loc

wbinfo -r administrator
gives back all groups

wbinfo -r user
gives back all groups

w2k AD mixed mode
workgroup:     TEST
Domain:   test.test.loc

wbinfo -r administrator
gives back all groups

wbinfo -r user
gives back all groups

in any setting the getent group gives back all users in the goups
exept users in the format aa.bb


irc-nic: flu

mit freundlichem Gruß


Ulf Händel

--
DV IDEE GmbH          Tel.:       0511 8483281
Adelheidstraße 4-5      Fax.:      0511 8483233
30171 Hannover         Mobil.   0170 5400369
e-mail.: u.haendel at dvidee.de

More information about the samba-technical mailing list