[Samba] Re: Trusting and trusted domain (home mapping) problem

Adrian Chow achow at uwcsea.edu.sg
Fri Nov 5 11:28:08 GMT 2004 

Hi Igor (and samba team),

I have done the following:-
-I have upgraded the samba versions of the both servers to be the same.
-The ldap servers are in the same version.
-DomainAPDC and DomainBPDC has winbind in nsswitch
-wbinfo all works.
-"getent group" and "getent passwd" shows ldap entries of local domain 
and winbind entries of the remote domain.
-However I still cannot map the home directory of the Domain_B_user when 
I log into Domain_B on Domain_A_XP computer.
- smbclient //domain_A_PDC/shared -U domain_B/domain_B_user is working.

The command I run on the command prompt (which will work) if I am 
Domain_A_user into Domain_A on Domain_A_XP_computer is "net use x: 
/home".  But before I map it, the home directory is already mapped based 
on the sambahomepath and sambahomedrive in the ldap entries.  I am using 
the "net use" command to do testing.
If I were to run the same "net use x: /home" command as a Domain_B_User 
logging into Domain_B on Domain_A_XP_computer, the home directory never 
gets mapped.  Igor has make it work on his server but I am still stuck. 
  (Igor, if you run "net use z: /home" command as the Domain_B_User 
logging into Domain_B on DOmain_A_XP, does it work?)

On my winbind log on Domain_A_PDC, I get the following :-

legend:-
uwcstu is domain_B
grade2 is domain_B_user
10000 is gid of DomainB\Domain Users group on Domain_A_PDC.
staff is domain A

-----------------------------------------

[2004/11/05 19:10:16, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
   [29440]: getpwnam uwcstu\grade2
[2004/11/05 19:10:16, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1030)
   [29440]: getgroups UWCSTU\grade2
[2004/11/05 19:10:16, 3] nsswitch/winbindd_sid.c:winbindd_gid_to_sid(374)
   [29440]: gid to sid 10000
[2004/11/05 19:10:16, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
   [29440]: getpwnam uwcstu\grade2
[2004/11/05 19:10:16, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(243)
   [29440]: getgrnam grade2
[2004/11/05 19:10:16, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2008)
   ldapsam_getgroup: Did not find group
[2004/11/05 19:10:16, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(298)
   group grade2 in domain STAFF does not exist

----------------------------------------------------------------

Questions:-
1. Why domain_A_PDC will try to getgrnam "grade2"? How did grade2 ended 
up as a group and not a user?

2.  Isn't it supposed to be getgrnam "UWCSTU\Domain Users" since 
winbindd_gid_to_sid is converting 10000 to "UWCSTU\Domain Users"?

3.  Any commands for me to test getgroups?

4.  Any ideas how to proceed on?

Thanks so much.

adrian

More information about the samba mailing list