Help please...Winbind problem using trusted domains?
Walter_Prentice/Trimax at trimax.com
Walter_Prentice/Trimax at trimax.com
Mon Dec 17 08:33:04 GMT 2001
Hi, I'm new to Samba and Winbind, after following the instructions I found
in the Samba doc's and in this list a finally configured a Samba server
using the Winbind services two weeks ago.
Everything was working fine one Monday ... until this Friday when suddenly
the windbind stopped showing the local domain groups.
I can actually access the shares I've set up last week , but if I try to
see the NT groups from the shell (wbinfo -g) I get "Error looking up domain
groups" so if I try to change or assing a new NT group using the permission
tab on KDE I can not see the NT gropus.
Security is OK (wbinfo -t)
History/Environment:
I'm using RH 7.0 and Samba 2.2.2
We have two offices linked by a T1 (one in Canada, one in USA) with two NT
domain and a trust relationship established.
I need to add a local route to the Samba server in order to see the USA
domain.
Last week I had to remove the route needed to see the USA domain because
the server was really slow when trying to validate users or simply trying
to change or add permissions on KDE. Even the logon service stop responding
(maybe timeout).
By doing this I was able to see only the local domain groups (Canada). I
did this because the "allow trusted domain" switch seems not to be working,
no matter what a set here I was able to see the groups from the two domains
and it was really slow.
After this Friday, if a add the route again I'm able to see the USA
domain's groups but not the Canada (local) groups !!!
Could you please help me with these problems, I also have some questions
for you:
1. Is there a way to set Samba and winbind to work only with my local
domain ?
2. Can we make the samba server act as a BDC so that if we miss the winbind
service we can still gain access to the shares using the local security
information.
3. If I join the server to the domain again, will I have to set up the
security again, (gid and uid numbers wil change ?)
This is a copy of my smb.conf
# Samba config file created using SWAT
# from cto3nsfp (127.0.0.1)
# Date: 2001/12/17 10:17:43
# Global parameters
[global]
workgroup = TRIMAX
server string = File Server - Linux RH 7.0 Samba 2.2.2
security = DOMAIN
encrypt passwords = Yes
allow trusted domains = No
password server = GATE
name resolve order = lmhosts wins host bcast
addprinter command = /usr/bin/addprinter
preferred master = False
local master = No
domain master = False
dns proxy = No
wins server = 142.67.0.10
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind cache time = 1800
printer admin = trimax\walterp walterp
hosts allow = 142.67.
[CIT Group]
path = /home/Toronto/citgroup
read only = No
[Marketing]
path = /home/Toronto/marketing
read only = No
[DriveN]
path = /home/Toronto/public/nt1drivec
read only = No
inherit permissions = Yes
guest ok = Yes
[DriveO]
path = /home/Toronto/public/nt1drived
read only = No
inherit permissions = Yes
guest ok = Yes
[DriveP]
path = /home/Toronto/public/nt1drivee
read only = No
inherit permissions = Yes
guest ok = Yes
[printers]
comment = All Printers
path = /var/spool/samba
read only = No
guest ok = Yes
printable = Yes
use client driver = Yes
printer driver file =
browseable = No
[print$]
path = /usr/local/samba/printer
read only = No
inherit permissions = Yes
guest ok = Yes
More information about the samba
mailing list