[Samba] winbind problems with linux domain member
Sak
sak at 102010.org
Thu May 13 16:43:00 GMT 2004
Hey everyone,
I'm having some strange responses, and a bit of trouble with getting
access to a member server on my domain. I've got Samba running on
another Linux box as a PDC, and my Win2k clients can login just fine,
and share between one another. The problem comes in with another
Linux workstation that's setup as a member server.
Here's the relevant smb.conf section from the member server:
[global]
workgroup = 102010
server string = Samba Server %v
log file = /var/log/samba3/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
netbios name = miru
security = domain
printcap name = cups
disable spoolss = yes
show add printer wizard = no
printing = cups
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind enable local accounts = no
use sendfile = yes
testparm comes out okay, with the caveat that using '+' as a separator
might cause problems with group membership. I also get success
response from wbinfo -t
What's strange is this:
miru root # wbinfo -u
root
sak
michael
Shouldn't it show the domain+user output?
When I do:
miru root # getent passwd
...
guest:x:405:100:guest:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/:/bin/false
sak:x:1000:100::/home/sak:/bin/bash
ntp:x:123:123:added by portage for ntp:/dev/null:/bin/false
root:x:15007:15001:root:/home/102010/root:/bin/false
sak:x:15006:15001::/home/102010/sak:/bin/false
michael:x:15008:15001::/home/102010/michael:/bin/false
If I understand correctly, this is okay; listing the local users and
then the domain users.
When I do:
miru root # getent passwd sak
sak:x:1000:100::/home/sak:/bin/bash
which is probably correct, but when I do:
miru root # getent passwd 102010+sak
I get no response whatsoever.
All of this results in the shares on the member server showing up on
the domain, but unable to access them. From a Win2k client, logged
into the domain, I can't get it to accept any type of login to access
a share on the member server. When I try to access a share it asks
for a username and password. If I try sak, it doesn't work, if I try
102010+sak it gives me an hourglass for about thirty seconds, and then
gives me "\\Miru\sak is not accessible. The specified username is
invalid."
Anyway, I'm stuck. I don't know what else to try. Anyone have any
thoughts or suggestions?
--
Thanks,
Sak.
-----
i've got this epic problem
this epic problem's not a problem for me
and inside i know i'm broken
but i'm working as far as you can see
and outside it's all production
it's all illusion set scenery
i've got this epic problem
this epic problem's not a problem for me
-fugazi
More information about the samba
mailing list