Samba 4 Domain Member - problem
Carlos Miguel Bustillo Rdguez
cbustillo at uclv.edu.cu
Fri Dec 20 10:39:23 MST 2013
Our domain is based entirely Windows Server 2008R2.
I don't know really your question.
Is necessary that domain users have a uidNumbers?? Where I can see this
numbers??
Thanks, Carlos
On 12/20/2013 12:27 PM, Rowland Penny wrote:
> On 20/12/13 17:11, Carlos Miguel Bustillo Rdguez wrote:
>> Rowland:
>>
>> thanks for your time. I have made your recomendation. But the problem
>> remains:
>>
>> # wbinfo -i mmorales
>> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
>> Could not get info for user mmorales
>>
>> # id mmorales
>> id: mmorales: No such user
>>
>> Why the command "id" worked initially?
>> Sometimes command "id" identify the users and others don't do it.
>>
>> Regards, Carlos
>>
>> PD: Happy Christmas for all!!
>>
>> On 12/20/2013 04:37 AM, Rowland Penny wrote:
>>> On 19/12/13 23:12, Carlos Miguel Bustillo Rdguez wrote:
>>>> Hello list:
>>>>
>>>> Recently I join my Samba 4.1.3 (from Sernet packages in Debian Wheezy)
>>>> to my Microsoft Windows 2008R2 Domain as member server.
>>>>
>>>> I following the steps in
>>>> https://wiki.samba.org/index.php/Samba/Domain_Member
>>>>
>>>> Initially all worked perfectly, but later I note that some user in my
>>>> MSAD don't appear when I use "id" command:
>>>> # id joe
>>>> id: joe: No such user
>>>>
>>>> These are the result from "testparm" command:
>>>> Load smb config files from /etc/samba/smb.conf
>>>> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
>>>> (16384)
>>>> Processing section "[pkt]"
>>>> Processing section "[test]"
>>>> Loaded services file OK.
>>>> Server role: ROLE_DOMAIN_MEMBER
>>>> Press enter to see a dump of your service definitions
>>>>
>>>> [global]
>>>> workgroup = MYDOMAIN
>>>> realm = MYDOMAIN.COM
>>>> security = ADS
>>>> winbind enum users = Yes
>>>> winbind enum groups = Yes
>>>> winbind use default domain = Yes
>>>> winbind nss info = rfc2307
>>>> idmap config MYDOMAIN:range = 500-100000
>>>> idmap config MYDOMAIN:schema_mode = rfc2307
>>>> idmap config MYDOMAIN:backend = ad
>>>> idmap config *:range = 70001-80000
>>>> idmap config * : backend = tdb
>>>> map acl inherit = Yes
>>>> printing = bsd
>>>> print command = lpr -r -P'%p' %s
>>>> lpq command = lpq -P'%p'
>>>> lprm command = lprm -P'%p' %j
>>>> store dos attributes = Yes
>>>> vfs objects = acl_xattr
>>>>
>>>> [pkt]
>>>> path = /home/big
>>>> read only = No
>>>>
>>>> [test]
>>>> path = /home/test
>>>> read only = No
>>>>
>>>> The big problem is when I add new users to the shares above (pkt and
>>>> test), they cannot login.
>>>>
>>>> I think that the problem is associated with winbind and
>>>> libnss_winbind.so.2 library:
>>>>
>>>> I put the necessary symbolic links in /lib64 (my hardware is x86_64),
>>>> the I ran the following to check if the libraries are activated:
>>>> #ldconfig -v | grep winbind
>>>> ldconfig: Path `/lib/x86_64-linux-gnu' given more than once
>>>> ldconfig: Path `/usr/lib/x86_64-linux-gnu' given more than once
>>>> libnss_winbind.so -> libnss_winbind.so.2
>>>> libnss_winbind.so -> libnss_winbind.so.2
>>>>
>>>>
>>>> I appreciate some help about it.
>>>>
>>>> Regards, Carlos
>>>>
>>>>
>>>> La Universidad Central "Marta Abreu" de Las Villas en su 60
>>>> Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:
>>>> http://www.uclv.edu.cu
>>>> Participe en Universidad 2014, del 10 al 14 de febrero de 2014.
>>>> Habana. Cuba. http://www.congresouniversidad.cu/
>>>>
>>>>
>>> First thing that you need to fix is your ranges, 'idmap config *:range =
>>> 70001-80000' is inside 'idmap config MYDOMAIN:range = 500-100000'
>>> The *:range needs to come before or after MYDOMAIN:range
>>> i.e.
>>> idmap config MYDOMAIN:range = 500-100000
>>> idmap config *:range = 100001-101000
>>>
>>> Rowland
>>>
>>>
>>> La Universidad Central "Marta Abreu" de Las Villas en su 60
>>> Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:
>>> http://www.uclv.edu.cu
>>> Participe en Universidad 2014, del 10 al 14 de febrero de 2014.
>>> Habana. Cuba. http://www.congresouniversidad.cu/
>>>
>>>
>>> .
>>>
>>
>> La Universidad Central "Marta Abreu" de Las Villas en su 60
>> Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:
>> http://www.uclv.edu.cu
>> Participe en Universidad 2014, del 10 al 14 de febrero de 2014.
>> Habana. Cuba. http://www.congresouniversidad.cu/
>>
>>
> Do the users that do not appear have uidNumbers in AD and if they do,
> are these numbers inside the range you set for your domain ?
>
> Rowland
>
>
> La Universidad Central "Marta Abreu" de Las Villas en su 60 Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en: http://www.uclv.edu.cu
> Participe en Universidad 2014, del 10 al 14 de febrero de 2014. Habana. Cuba. http://www.congresouniversidad.cu/
>
>
> .
>
La Universidad Central "Marta Abreu" de Las Villas en su 60 Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en: http://www.uclv.edu.cu
Participe en Universidad 2014, del 10 al 14 de febrero de 2014. Habana. Cuba. http://www.congresouniversidad.cu/
More information about the samba-technical
mailing list