[Samba] RE: Winbind on HPUX11, Totally Stuck, Please Help
Esh, Andrew
Andrew_Esh at adaptec.com
Tue Jan 28 15:49:32 GMT 2003
Did I miss something? Is LDAP supposed to replace winbindd in nsswitch.conf?
If so, then what I've written below is not right, but read it anyway.
Perhaps LDAP is not finding winbindd in it's list of things to query.
My experience is not with HPUX, but I have been able to use "passwd: files
winbindd" in /etc/nsswitch.conf on Linux. Perhaps the "not a supported type"
problem is because "/lib/libnss_winbindd.so" hasn't been compiled and
installed. (Compile it by doing a "make nsswitch" in the top level of samba
source. Install it by copying from source/nsswitch to /lib, and running
ldconfig.)
Once that library is present in the "ldconfig -p" output, then the winbindd
keyword in nsswitch.conf should work. That library provides connectivity
from the name system to the winbind services which list Windows users and
groups, and their assigned ID numbers. getent should work too.
I don't have HPUX, so I don't know what to suggest for that. I just know
getent won't work without winbindd in nsswitch.conf on Linux.
I don't see how this would be solved with PAM. PAM uses the same service,
but is not the solution to the problem. I did all the PAM/winbindd stuff as
directed in a HOWTO, only to find out at the end that I don't need PAM
unless I want Windows users to be able to telnet, FTP, or use other Unix
services which require authentication. Assignment of user IDs is not done
through PAM.
Obligatory link fest:
http://us3.samba.org/samba/ftp/docs/textdocs/Solaris-Winbind-HOWTO.txt
http://archives.neohapsis.com/archives/pam-list/2001-10/0038.html
http://nic-ks.greatplains.net/samba/winbind.html
http://www.samba.org/samba/docs/Samba-HOWTO-Collection.html#WINBIND
> -----Original Message-----
> From: Richard Sharpe [mailto:rsharpe at richardsharpe.com]
> Sent: Sunday, January 26, 2003 8:05 PM
> To: Miles Roper
> Cc: 'samba at lists.samba.org'; 'samba-technical at lists.samba.org'
> Subject: Re: Winbind on HPUX11, Totally Stuck, Please Help
>
>
> On Mon, 27 Jan 2003, Miles Roper wrote:
>
> Let me first say that I am no expert on HP-UX, maybe Tim
> Potter can help,
> now that he works for them.
>
> > I can do a wbinfo -u and get the user names, and a wbinfo
> -g returns the
> > groups. I had to specify the password to use first with
> >
> > wbinfo -A user%password
> >
> > I also joined the domain sucessfully with
>
> OK, this looks like winbindd is sort of works ...
>
> > /etc/nsswitch.conf to
> >
> > hosts: dns [NOTFOUND=continue UNAVAIL=continue
> TRYAGAIN=continue] files
> > [
> > passwd: files ldap
> > group: files ldap
> >
> > notice it is ldap, rather than winbind. The reason for
> this is, if you set
> > it to winbind you get a error about not being a supported
> type, ie must be
> > nis, ldap or files.
>
> I think this is where your problem is. ldap is not winbindd.
>
> It looks like PAM on your version of HP-UX does not handle
> arbritrary NSS
> shared library stuff.
>
> Regards
> -----
> Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
> sharpe[at]ethereal.com, http://www.richardsharpe.com
>
More information about the samba
mailing list