[Samba] WinBind - 3.0.0beta1

Patrik Gustavsson PS Sweden Senior Technical Consultant Patrik.Gustavsson at Sun.COM
Mon Jun 16 08:26:28 GMT 2003 

What I did for getting winbind to work with Windows 2003 ADS.

1) Compiled Samba with both kerberos and ldap support.
     If you don't do this it will not work.

2) Configure kerberos klient on your server.

3) Then I ran net ads JOIN -U administrator

My smb.conf

# Global parameters
[global]
        workgroup = SAMBA-NET
        password server = *
        ads server = w2003server
        realm = TEST.SE
        netbios name = SAMBA
        server string = Samba (%v) domain (%h)
        interfaces = hahostix1/255.255.0.0
        bind interfaces only = Yes
        security = ads
        private dir = /global/mnt1/SAMBA/private
        log file = /global/mnt1/SAMBA/logs/logfile
        lock dir = /global/mnt1/SAMBA/locks
        pid directory = /global/mnt1/SAMBA/var/locks
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template homedir = /global/mnt1/SAMBA/home/%D/%U
        template shell = /bin/sh
        winbind use default domain = Yes
        wins server = w2003server



Brett Hales wrote:

>I am trying to get WinBind working against Windows 2000 ADS.
>
>I am following the document
>http://de.samba.org/samba/devel/docs/html/winbind.html.
>
>I have successfully joined the samba server to the PDC domain.
>
>/usr/local/samba/bin/net join -S PDC -U Administrator
>
>The winbindd starts successfully however when I try to use wbinfo -u it
>returns.
>
>[root at jerry root]# /usr/local/samba/bin/wbinfo -u
>Error looking up domain users
>
>And the /usr/local/samba/var/log.winbindd log file contains the below.
>
>[2003/06/16 14:57:03, 1]
>nsswitch/winbindd_util.c:add_trusted_domain(138) Added domain
>AU.MYDOMAIN.COM  
>[2003/06/16 14:57:03, 1] nsswitch/winbindd_util.c:init_domain_list(214)
>Could not fetch sid for our domain AU.MYDOMAIN.COM
>
>My samba.conf is 
>[root at jerry lib]# cat smb.conf
>[global]
>winbind separator = +
>winbind uid = 10000-20000
>winbind gid = 10000-20000
>winbind enum users = yes
>winbind enum groups = yes
>workgroup = AU.MYDOMAIN.COM
>security = domain
>password server = myad01
>
>
>Can anybody advise why this is not working.
>
>
>  
>

-- 
"In a world without fences who needs Gates"
Patrik Gustavsson, Senior Technical Consultant
patrik.gustavsson at sun.com     Telephone: +46 60 671540
http://glen.sweden            Mobile: +46 70 3551040
SUN MICROSYSTEMS              Fax: +46 60 671550
--------------------------------------------------------------

More information about the samba mailing list