[Samba] How do I get Winbind accounts in LDAP?

ww m-pubsyssamba pubsyssamba at bbc.co.uk
Thu Jan 8 14:54:31 GMT 2004


Hi Sapan/All,

	yes I have already correctly configured my nsswitch.conf and it is not working for getent?! Anyone fancy giving me a clue?

		cheers Andy.

PS I agree Sun seem to have changed a few things in Solaris 9 which are catching out third party software developers and end users alike.

-----Original Message-----
From: Ganguly, Sapan [mailto:Sapan.Ganguly at thalesgroup.com]
Posted At: 08 January 2004 14:25
Posted To: Samba
Conversation: [Samba] How do I get Winbind accounts in LDAP?
Subject: RE: [Samba] How do I get Winbind accounts in LDAP?



I'm doing the same thing but with NT4 so I'm not using active directory.
The only thing you haven't mentioned that I can think of is nsswitch.conf,
you should have -

Passwd: files winbind
Group: files winbind

Getent works for me, I'm stuck with getting log ons to the Solaris machine
with NT usernames to work.
They seem to have changed something in Solaris 9, even Sun hasn't been able
to help me!

-----Original Message-----
From: ww m-pubsyssamba [mailto:pubsyssamba at bbc.co.uk] 
Sent: 08 January 2004 13:45
To: Ganguly, Sapan ; samba at lists.samba.org
Subject: RE: [Samba] How do I get Winbind accounts in LDAP?


Hi Sapan/All,

	ok this is all in my test/dev environment. I have a Sun Sparc
workstation running Solaris 9 and an Intel server running Windows 2000
server acting as a Native mode AD DC. My Sparc system has Samba 3.0.1
installed and is successfully joined to the AD domain, I can authenticate
via kerberos and wbinfo -u lists domain users etc. All I need LDAP for is
centralising the IDMAP mappings across our theoretical Samba server
infrastructure. 

  On the same sparc system I also have SunONE DS 5.2 installed, this has the
schema for Samba 3.0.1 successfully loaded. I have created the idamap OU in
the directory and I have configured my smb.conf to use LDAP for idmap data,
file attached. And I have set the LDAP admin account password with
"smbpasswd -w". I have also disabled nscd from starting up & installed patch
113476-05 which is required for Solaris 9. I can also see winbindd
establishing a connection to Sun LDAP in its access log.

  As I was writing this mail I have noticed that a getent for users and
groups is not displaying any AD users/groups but is exiting with a status 0,
this is despite the fact that wbinfo is correctly displaying all my AD
users/groups!? I can see from a snoop and truss run on the getent that it is
making LDAP calls to the AD DC but it's not returning anything!?! I have had
this running on a Solaris 8 system in my test environment successfully and
can't think of anything I've done differently.

If anyone can help I'd greatly appreciate it,

	many thanks Andy.


BBCi at http://www.bbc.co.uk/

This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically
stated.
If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in
reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.


More information about the samba mailing list