[Samba] winbbind not quiried by nsswitch on solaris 8

Rousak, Boris Boris.Rousak at industry.gov.au
Fri Jul 22 07:13:02 GMT 2005


Afternoon to all,
 
I am having the following problem for 3 days now and am starting to bang
head against wall :)
 
Here is the setup : Solaris 8 box running Samba 3.0.4 server member in
an NT 4 style domain
I have managed to get it to join the domain and if I create a
corresponding account on the sunbox (without password) users are able to
log into shares with appropriate passwords and other credentials sourced
from the domain controller.
 
However what I want to do is not have to create the corresponding
account on the sunbox and just use accounts stored in the domain. 
 
I have enabled winbind and wbinfo -u returns domain users correctly, 
 
I have also added winbind to /etc/nsswitch.conf but here the getent
passwd only returns local accounts I have tried various combinations in
smb.conf to no avail. According to various how-to's i have created the
following links:
 
ln -s /opt/samba/samba-3.0.4/source/nsswitch/libnss_winbind.so
/usr/lib/libnss_winbind.so.1
ln -s /opt/samba/samba-3.0.4/source/nsswitch/libnss_winbind.so
/usr/lib/libnss_winbind.so.2
ln -s /opt/samba/samba-3.0.4/source/nsswitch/libnss_winbind.so
/usr/lib/sparcv9/libnss_winbind.so.1
ln -s /opt/samba/samba-3.0.4/source/nsswitch/libnss_winbind.so
/usr/lib/sparcv9/libnss_winbind.so.2
 
Truss getent passwd returns refferences of it trying to get to winbind
but nothing happaneds as shown below:
 
stat("/usr/local/ssl/lib/nss_winbind.so.1", 0xFFBEED14) = 0
open("/usr/local/ssl/lib/nss_winbind.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEED14)                            = 0
mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
0xFF270000
mmap(0x00000000, 90112, PROT_NONE, MAP_PRIVATE|MAP_NORESERVE|MAP_ANON,
-1, 0) = 0xFF160000
mmap(0xFF160000, 10841, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3,
0) = 0xFF160000
mmap(0xFF172000, 3601, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 8192) = 0xFF172000
mmap(0xFF174000, 4592, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xFF174000
munmap(0xFF164000, 57344)                       = 0
memcntl(0xFF160000, 3488, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3)                                        = 0
mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANON, -1, 0) = 0xFF150000
munmap(0xFF270000, 8192)                        = 0
getpid()                                        = 5656 [5655]
getpid()                                        = 5656 [5655]
getpid()                                        = 5656 [5655]
lstat64("/tmp/.winbindd", 0xFFBEE748)           = 0
lstat64("/tmp/.winbindd/pipe", 0xFFBEE748)      = 0
so_socket(1, 2, 0, "", 1)                       = 3
connect(3, 0xFFBEE2D8, 110, 1)                  = 0
poll(0xFFBEE7A0, 1, 0)                          = 0
write(3, "\0\00518\0\0\001\0\01618".., 1304)    = 1304
read(3, 0xFF173330, 1304)                       = 0
close(3)                                        = 0
llseek(0, 0, SEEK_CUR)                          = 161715

 
Could someone make suggestions as to whats wrong? Any clue-bats wuld be
most appreciated.
 
Below is my smb.conf:
 
[global]
        netbios name = sun_fileserver
        workgroup = my_workgroup
        server string = "sun_fileserver"
        security = domain
        password server = domain_controller_name
        log file = /var/adm/samba/%m.log
        max log size = 5000
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        encrypt passwords = yes

#   Wins settings
        wins support = no
        wins proxy = no
        dns proxy = No
        wins server = domain_controller_name
        name resolve order = wins hosts bcast
 
        guest account = smbuser
        mangling method = hash2
#       ^ Make sure this is set to 'hash2' as 'hash' had priveledge
elevation vuln on Solaris
 
#   Winbind settings
        winbind separator = +
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind enum users = yes
        winbind enum groups = yes
        winbind enable local accounts = Yes
        winbind use default domain = Yes

#   Prevent SAMBA from becomming master browser
        local master = no
        domain master = no
        preferred master = no

 
And my nsswitch.conf:
 
passwd:     files winbind
group:      files winbind
hosts:      files dns
ipnodes:    files
networks:   files
protocols:  files
rpc:        files
ethers:     files
netmasks:   files
bootparams: files
publickey:  files
# At present there isn't a 'files' backend for netgroup;  the system
will
#   figure it out pretty quickly, and won't use netgroups at all.
netgroup:   files
automount:  files
aliases:    files
services:   files
sendmailvars:   files
printers:       user files
 
auth_attr:  files
prof_attr:  files
project:    files

 
Thanks,
Regards,
Boris

*************************************************************************
The information contained in this e-mail, and any attachments to it,
is intended for the use of the addressee and is confidential.  If you
are not the intended recipient you must not use, disclose, read,
forward, copy or retain any of the information.  If you received this
e-mail in error, please delete it and notify the sender by return
e-mail or telephone.

The Commonwealth does not warrant that any attachments are free
from viruses or any other defects.  You assume all liability for any
loss, damage or other consequences which may arise from opening
or using the attachments.
*************************************************************************




More information about the samba mailing list