[Samba] Winbind on HPUX11, Totally Stuck, Please Help
michael.steffens at hp.com
Tue Jan 28 08:34:16 GMT 2003
Miles Roper wrote:
> Hi Drew,
> No luck.
> Pretty much done all that, still get all the same problems
> That site was pretty good though :o)
There is one thing missing, however. If you fake winbind NSS to be
ldap, exported constructor names in winbind_nss_solaris.c also need
to be adjusted:
_nss_winbind_passwd_constr -> _nss_ldap_passwd_constr
_nss_winbind_group_constr -> _nss_ldap_group_constr
Just redirecting the symlink doesn't do. Hmm, this tweaking
of winbind NSS constructors is awful, changing from correct to
This is what I did:
1. Create a copy of winbind_nss_solaris.c with a descriptive
name, like winbind_nss_solaris_fakeldap.c
2. Do constructor replacements descriped above in the copy
3. Build shared library with a descriptive name, like
make nsswitch/winbind_nss_solaris_fakeldap.po \
ld -b -B symbolic +h libnss_winbind_fakeldap.1 -o nsswitch/libnss_winbind_fakeldap.1 \
nsswitch/winbind_nss_solaris_fakeldap.po nsswitch/winbind_nss.po \
4. Create symlink in /usr/lib
libnss_ldap.1 -> libnss_winbind_fakeldap.1
and leave original libnss_winbind.1 as it is.
This way gives a hint to administrators/supporters about what has
been tweaked, and it allows to revert the hack easily once the
conflict with libpam_unix.1 has been resolved.
> Does anyone have an idea about the shell logging in? Why do I keep on
> getting logged out? Does the home directory need to be created, does it
> need a .profile? What about the permissions? I've tried creating one
> world writeable but no luck.
I did not see any dependeny to the home directory. If it doesn't
exist, or is not accessible, the user just gets a warning and is
being put to '/'.
But the login shell is important ("template shell" parameter).
If the shell doesn't exist, or happens to be /usr/bin/false,
you will get logged off immediately.
More information about the samba-technical