Samba 4 Domain Member - problem

Carlos Miguel Bustillo Rdguez cbustillo at uclv.edu.cu
Fri Dec 20 10:39:23 MST 2013 

Our domain is based entirely Windows Server 2008R2.

I don't know really your question.

Is necessary that domain users have a uidNumbers?? Where I can see this
numbers??

Thanks, Carlos
On 12/20/2013 12:27 PM, Rowland Penny wrote:
> On 20/12/13 17:11, Carlos Miguel Bustillo Rdguez wrote:
>> Rowland:
>>
>>    thanks for your time. I have made your recomendation. But the problem
>> remains:
>>
>> # wbinfo -i mmorales
>> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
>> Could not get info for user mmorales
>>
>> # id mmorales
>> id: mmorales: No such user
>>
>> Why the command "id" worked initially?
>> Sometimes command "id" identify the users and others don't do it.
>>
>> Regards, Carlos
>>
>> PD: Happy Christmas for all!!
>>
>> On 12/20/2013 04:37 AM, Rowland Penny wrote:
>>> On 19/12/13 23:12, Carlos Miguel Bustillo Rdguez wrote:
>>>> Hello list:
>>>>
>>>> Recently I join my Samba 4.1.3 (from Sernet packages in Debian Wheezy)
>>>> to my Microsoft Windows 2008R2 Domain as member server.
>>>>
>>>> I following the steps in
>>>> https://wiki.samba.org/index.php/Samba/Domain_Member
>>>>
>>>> Initially all worked perfectly, but later I note that some user in my
>>>> MSAD don't appear when I use "id" command:
>>>> # id joe
>>>> id: joe: No such user
>>>>
>>>> These are the result from "testparm" command:
>>>> Load smb config files from /etc/samba/smb.conf
>>>> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
>>>> (16384)
>>>> Processing section "[pkt]"
>>>> Processing section "[test]"
>>>> Loaded services file OK.
>>>> Server role: ROLE_DOMAIN_MEMBER
>>>> Press enter to see a dump of your service definitions
>>>>
>>>> [global]
>>>>       workgroup = MYDOMAIN
>>>>       realm = MYDOMAIN.COM
>>>>       security = ADS
>>>>       winbind enum users = Yes
>>>>       winbind enum groups = Yes
>>>>       winbind use default domain = Yes
>>>>       winbind nss info = rfc2307
>>>>       idmap config MYDOMAIN:range = 500-100000
>>>>       idmap config MYDOMAIN:schema_mode = rfc2307
>>>>       idmap config MYDOMAIN:backend = ad
>>>>       idmap config *:range = 70001-80000
>>>>       idmap config * : backend = tdb
>>>>       map acl inherit = Yes
>>>>       printing = bsd
>>>>       print command = lpr -r -P'%p' %s
>>>>       lpq command = lpq -P'%p'
>>>>       lprm command = lprm -P'%p' %j
>>>>       store dos attributes = Yes
>>>>       vfs objects = acl_xattr
>>>>
>>>> [pkt]
>>>>       path = /home/big
>>>>       read only = No
>>>>
>>>> [test]
>>>>       path = /home/test
>>>>       read only = No
>>>>
>>>> The big problem is when I add new users to the shares above (pkt and
>>>> test), they cannot login.
>>>>
>>>> I think that the problem is associated with winbind and
>>>> libnss_winbind.so.2 library:
>>>>
>>>> I put the necessary symbolic links in /lib64 (my hardware is x86_64),
>>>> the I ran the following to check if the libraries are activated:
>>>> #ldconfig -v | grep winbind
>>>> ldconfig: Path `/lib/x86_64-linux-gnu' given more than once
>>>> ldconfig: Path `/usr/lib/x86_64-linux-gnu' given more than once
>>>>       libnss_winbind.so -> libnss_winbind.so.2
>>>>       libnss_winbind.so -> libnss_winbind.so.2
>>>>
>>>>
>>>> I appreciate some help about it.
>>>>
>>>> Regards, Carlos
>>>>
>>>>
>>>> La Universidad Central "Marta Abreu" de Las Villas en su 60
>>>> Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:
>>>> http://www.uclv.edu.cu
>>>> Participe en Universidad 2014, del 10 al 14 de febrero de 2014.
>>>> Habana. Cuba. http://www.congresouniversidad.cu/
>>>>
>>>>
>>> First thing that you need to fix is your ranges, 'idmap config *:range =
>>> 70001-80000' is inside 'idmap config MYDOMAIN:range = 500-100000'
>>> The *:range needs to come before or after MYDOMAIN:range
>>> i.e.
>>> idmap config MYDOMAIN:range = 500-100000
>>> idmap config *:range = 100001-101000
>>>
>>> Rowland
>>>
>>>
>>> La Universidad Central "Marta Abreu" de Las Villas en su 60
>>> Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:
>>> http://www.uclv.edu.cu
>>> Participe en Universidad 2014, del 10 al 14 de febrero de 2014.
>>> Habana. Cuba. http://www.congresouniversidad.cu/
>>>
>>>
>>> .
>>>
>>
>> La Universidad Central "Marta Abreu" de Las Villas en su 60
>> Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:
>> http://www.uclv.edu.cu
>> Participe en Universidad 2014, del 10 al 14 de febrero de 2014.
>> Habana. Cuba. http://www.congresouniversidad.cu/
>>
>>
> Do the users that do not appear have uidNumbers in AD and if they do,
> are these numbers inside the range you set for your domain ?
>
> Rowland
>
>
> La Universidad Central "Marta Abreu" de Las Villas en su 60 Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:  http://www.uclv.edu.cu
> Participe en Universidad 2014, del 10 al 14 de febrero de 2014. Habana. Cuba. http://www.congresouniversidad.cu/
>
>
> .
>


La Universidad Central "Marta Abreu" de Las Villas en su 60 Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:  http://www.uclv.edu.cu
Participe en Universidad 2014, del 10 al 14 de febrero de 2014. Habana. Cuba. http://www.congresouniversidad.cu/

More information about the samba-technical mailing list