[Samba] err: I have no name (Idmap Ldap)
gints neimanis
gints at venta.lv
Sat Aug 21 11:22:17 GMT 2004
I succesfully setted up the winbind with "idmap backend = ldap:ldap:..."
LDAP is used only to store idmap's.
The problem:
On the server with OpenLDAP and winbind, all is working fine! Thanks to
the SAMBA team and OSS community!
But on the second server, where winbind is used to authenticate users
and retrieve uid's from server with ldap, users get error message: "id:
cannot find name for user ID ...". The authentication works fine, users
can use their samba shares, but ssh sessions are not more accessible
(There is error, that it is not possible to retrieve username for
lastlog and session closes).
May bee someone had already such problem, and know's solution?
There is some illustration of problem:
=======
[root at virsis /]# wbinfo -t
checking the trust secret via RPC calls succeeded
=======
[root at virsis /]# wbinfo -u
...skip
tst10
tst11
...skip
=======
[root at virsis /]# getent passwd | grep tst1
tst10:x:20694:30000::/skola/tst10:/bin/bash
tst11:x:20695:30000::/skola/tst11:/bin/bash
...skip
=======
But!
[root at virsis /]# su tst10
Creating directory '/skola/tst10'.
Creating directory '/skola/tst10/tmp'.
id: cannot find name for user ID 20694
[I have no name!@virsis /]$
and
[I have no name!@virsis tst10]$ ls -l
total 4
drwxr-xr-x 2 20694 30000 4096 aug 21 13:27 tmp/
=======
The both systems are like each other:
The configuration on both servers are like each other:
- Mandrake Cooker
- samba 3.0.5.2 (including winbind)
The samba.conf on secondary server
[root at virsis root]# cat /etc/samba/smb.conf
[global]
workgroup = SKOLA
security = domain
netbios name = VIRSIS
winbind use default domain = yes
default service = homes
unix charset = iso8859-13
idmap gid = 20000-30000
idmap uid = 30000-40000
winbind separator = +
winbind use default domain = yes
idmap backend = ldap:ldap://10.0.0.50
ldap admin dn = cn=Manager,dc=venta,dc=lv
ldap suffix = dc=venta,dc=lv
ldap idmap suffix = ou=Idmap
winbind enum users = yes
winbind enum groups = yes
encrypt passwords = Yes
template homedir = /skola/%U
os level = 18
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins server = 10.0.0.10
log level = 3
obey pam restrictions = yes
template shell = /bin/bash
max log size = 200
min protocol = NT1
password server = *
local master = No
[homes]
...skip
The /etc/nsswitch.conf
...
passwd: files winbind nisplus nis
shadow: files nisplus nis
group: files winbind nisplus nis
...
There is no working nscd daemon, which will cause "I have no name!" problem.
Thanks!
Gints
More information about the samba
mailing list