[Samba] Does anyone have winbind working on Freebsd?
Chere Zhou
qzhou at isilon.com
Wed Nov 20 22:51:00 GMT 2002
I went through this whole thing a couple of months ago. The problem is that
you don't have a good nsswitch working on FreeBSD. The nsswitch on FreeBSD
does not do dynamic loadable modules, as the way Linux do. The manual you
followed is for Linux users.
Richard Sharpe gave me a hint to fix this. Basically you need to change
source code, so that smbd knows to check with winbind for the domain user.
However, no other daemons on your FreeBSD box will be able to use the domain
user, as if you have a good nsswitch. Last time I checked, there is nobody
in the FreeBSD community working on improving nsswitch.
Let me know if you need further help.
Chere
> From: "Brent Ross (Edm)" <bross at UMAGroup.com>
> To: "'samba at lists.samba.org'" <samba at lists.samba.org>
> Date: Wed, 20 Nov 2002 12:29:13 -0700
> Subject: [Samba] Does anyone have winbind working on Freebsd?
>
> I have been trying to setup a Samba 2.2.6 server on FreeBSD 4.7. I want to
> use my NT4 domain for authentication of users. It looks like everything is
> setup properly as far as winbind is concerned, see below for results using
> wbinfo. I am still prompted for a password when trying to connect to the
> samba share. I cannot list the shares using "smbclient -L servername
> -Udomain+username" either, I get a server timeout error and the following
> error in my log.smbd:
> error connecting to 10.110.22.7:445 (Invalid argument)
> Using "getent passwd" only returns the unix users, not any domain users. I
> configured samba using --with-winbind and --with-winbind-auth-challenge,
> and followed "Unified logons between NT and Unix using winbind". Joined the
> samba server to my NT domain successfully. Freebsd 4.7 does not have a /lib
> folder so at the step for copying libnss_winbind.so to the /lib folder, I
> am copying to /usr/local/lib. I have also tried using the following
> folders: /usr/lib
> /usr/compat/linux/usr/lib
> /usr/compat/linux/lib
> but it still doesn't work. Does anyone have any idea why I am receiving the
> above error? I'm sure if I could correct the error this would all work, and
> if I could get "getent passwd" to show my domain users as well as just the
> local unix users, again this would be working. TIA for any help.
>
> wbinfo -t returns "Secret is good"
> wbinfo -u returns a list of all my domain users
> wbinfo -g returns a list of all domain groups
> wbinfo -a mydomain+myuser%mypassword returns success for both plaintext and
> challenge/response
>
> Here's my smb.conf:
> # Samba config file created using SWAT
> # from 10.110.22.40 (10.110.22.40)
> # Date: 2002/11/16 15:19:26
>
> # Global parameters
> [global]
> workgroup = MYDOMAIN
> security = DOMAIN
> encrypt passwords = Yes
> password server = *
> winbind uid = 10000-20000
> winbind gid = 10000-20000
> winbind separator = +
> winbind enum users = yes
> winbind enum groups = yes
> log level = 2
> wins server = 192.168.0.7
>
> [work]
> path = /usr/work
> valid users = "Domain Users"
> read only = No
>
> Here's my log.smbd:
> [2002/11/16 15:59:13, 2] param/loadparm.c:do_section(3055)
> Processing section "[work]"
> [2002/11/16 15:59:13, 2] lib/interface.c:add_interface(81)
> added interface ip=10.110.22.78 bcast=10.110.23.255 nmask=255.255.254.0
> [2002/11/16 15:59:48, 2] smbd/reply.c:reply_special(92)
> netbios connect: name1=EDM-GEO name2=EDM-02
> [2002/11/16 15:59:48, 2] smbd/reply.c:reply_special(111)
> netbios connect: local=edm-geo remote=edm-02
> [2002/11/16 15:59:48, 2] libsmb/namequery.c:name_query(421)
> Got a positive name query response from 10.110.22.7 ( 10.110.22.7 )
> [2002/11/16 15:59:48, 2] lib/util_sock.c:open_socket_out(874)
> error connecting to 10.110.22.7:445 (Invalid argument)
> [2002/11/16 15:59:54, 2] smbd/service.c:make_connection(331)
> Invalid username/password for work [nobody]
> [2002/11/16 15:59:56, 2] smbd/service.c:make_connection(331)
> Invalid username/password for work [nobody]
> [2002/11/16 16:00:47, 2] smbd/server.c:exit_server(461)
> Closing connections
>
More information about the samba
mailing list