[Samba] Samba 3.0.1pre1 winbind / getent problems

Buchan Milne bgmilne at cae.co.za
Fri Nov 7 15:21:55 GMT 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> Date: Wed, 5 Nov 2003 21:48:18 +0100
> From: Thomas Sillard <thomas.sillard at free.fr>
> Subject: [Samba] Samba 3.0.1pre1 winbind / getent problems
> To: samba at lists.samba.org
> Message-ID: <200311052148.18113.thomas.sillard at free.fr>
> Content-Type: text/plain;  charset="us-ascii"
>
> Hi,
>
> I've got some problems with winbind and ADS Domain Membership stuff.
> I've joined the domain without problems with "kinit admin at MY.DOMAIN" and
> "net ads join", i can see the machine account in AD with ldapbrowser.
> Klist give me three tickets, as say in the documentation, OK.
> I created the idmap entry in my openldap (with samba3 schema), OK.
> I've set the ldap admin password in the secrets.tdb, OK (ldap idmap).
> Starting service smb3, OK.
> Starting service winbind3, OK.
> wbinfo -u and wbinfo - g give me the list of users and groups correctly,
> wbinfo -a user%passord works fine, OK.
>
> BUT
>
> When i try a "getent passwd" or "getent group", i don't have the windows
> users. I can't see or connect to the shares on the linux box with
windows file
> explorer (it prompts me a user/password). It works fine with samba
2.2.7a.
> I've installed the samba3 mandrake package, wich suffixes all libs and
> executables with the samba version's number (eg. for libnss_winbind.so ->
> libnss_winbind3.so, smbpasswd -> smbpasswd3).

Only the default packages. Since you're running on 9.1, you either are
running cooker packages on 9.1 (not suggested, since cooker/9.2 have
openldap-2.1.x and kerberos 1.3.x) or you rebuilt the SRPM.

If you rebuilt the SRPM, you might as well add the '--with system'
switch when you build it, and you will get 'samba-3.0.1' packages
without suffixes.

>
> What's the problem ? Where is my error ? Is the mdk version suffixing
> can be the source of the problem ?

I am quite sure I tested this, and that it worked, but that was quite a
while ago, and I didn't have much time availble to test it then. If it
doesn't work for you, I can introduce alternatives for the winbind files
(as we have on 9.2 for the client binaries).

Unfortunately I don't have a production AD network to test on, so any
feedback on improvements to the Mandrake packages with regard to winbind
would be appreciated (and any other aspects, but I have two samba+ldap
networks, one currently running 2.2.8a and one running 3.0.1pre1).

Regards,
Buchan

- --
|--------------Another happy Mandrake Club member--------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/q7iSrJK6UGDSBKcRAo/iAKCX3vLJUzKqvk/+PoqjSNV/dGbygwCeITy0
5D6rU06FJbb4ZtaxEsZhdMU=
=mz26
-----END PGP SIGNATURE-----

More information about the samba mailing list