[Samba] Problems with Ad and Winbind
Schwarz Frank
fs at siemens.com
Fri Jun 27 07:04:32 GMT 2003
Hi folks,
I'm using Samba 3beta running on RH 8.0 and I'd like to authentificate against a Microsoft AD. This all works very well, except to the fact that not ALL AD Users are mapped to my Unixbox!
When starting getent passwd, my UnixBox shows just my User from passwd and some of the AD User - not all!! Looking through my User with the command wbinfo -u all AD users are shown correctly!
Anybody knowing any workaround?
Attached I'm sending my setups.
my smb.conf:
[global]
workgroup = ***
realm = *****
ADS server = DE4A068C.ffm.sbs.de
server string = Samba ADS
security = ADS
password server = *****
#passdb backend = smbpasswd
algorithmic rid base = 100000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
encrypt passwords = yes
log file = /usr/local/samba/var/%m.log
log level = 10
max log size = 100000
domain logons = yes
ldap ssl = no
idmap uid = 1000-200000
idmap gid = 1000-200000
template shell = /bin/false
template homedir = /home/%D/%U
winbind cache time = 1
#'winbind gid = 20001 - 30000
#winbind uid = 20001 - 30000
winbind separator =*
winbind enum groups = yes
winbind enum users = yes
unix password sync = Yes
extract from winbindd.log when trying getent passwd - User Sascha is shown but mapping of Hugo fails. Hugo is a valid User in the AD!
[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_getpwent(511)
could not lookup domain user hugo
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(219)
sid_to_uid: sid = [S-1-5-21-484763869-1563985344-1343024091-1313]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(245)
sid_to_uid: Fall back to algorithmic mapping
[2003/06/26 14:04:39, 3] sam/idmap_util.c:sid_to_uid(248)
sid_to_uid: SID S-1-5-21-484763869-1563985344-1343024091-1313 is *NOT* a user
[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(46)
error getting user id for sid S-1-5-21-484763869-1563985344-1343024091-1313
[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_getpwent(511)
could not lookup domain user sascha
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(219)
sid_to_uid: sid = [S-1-5-21-484763869-1563985344-1343024091-1337]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(231)
sid_to_uid: uid = [10006]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_gid(277)
sid_to_gid: sid = [S-1-5-21-484763869-1563985344-1343024091-513]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_gid(289)
sid_to_gid: gid = [30000]
****************************************************
Best regards/Mit freundlichem Gruß
Frank Schwarz
Siemens Business Services GmbH & Co. OhG
ORS GD SIM
Lyoner Straße 27
60528 Frankfurt
Tel.: +49 69 6682 5470
More information about the samba
mailing list