SOLVED RE: [Samba] Samba+ldap, Getent and AD (aka the good bad and the downright ugly)

sysrm sysrm at stvincent.ac.uk
Mon May 9 14:15:35 GMT 2005 

 
Ok, went back through all the documentation (NB might be worth the doc
writer of
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html#id25
97045 putting something in about this)

By default redhat installed samba (even tho I told it not to) so I did the
rpm -e samba-*

Then built it by hand and installed it (as per the above document) looked in
/lib and there was a libnss_winbind.so and .so.2 already, so figured that
make install had put them in there..... Wrong :/

It must have been from the previous default install

Before

[root at dev1 lib]# ls -l libnss_winbind.so*
lrwxr-xr-x    1 root     root           19 Jul 21  2004 libnss_winbind.so ->
libnss_winbind.so.2
-rwxr-xr-x    1 root     root        13832 Sep 25  2003 libnss_winbind.so.2

After....

[root at dev1 lib]# cp
/usr/local/src/samba-3.0.14a/source/nsswitch/libnss_winbind.so
./libnss_winbind.so.2
[root at dev1 lib]# ls -l libnss_winbind.so*
lrwxr-xr-x    1 root     root           19 Jul 21  2004 libnss_winbind.so ->
libnss_winbind.so.2
-rwxr-xr-x    1 root     root        19507 May  9 15:01 libnss_winbind.so.2

Getent passwd now shows domain users etc.

I doubt this will be the last problem, but im a heck of way further than I
was 20 mins ago :)

Cheers

Ross

-----Original Message-----
From: samba-bounces+sysrm=stvincent.ac.uk at lists.samba.org
[mailto:samba-bounces+sysrm=stvincent.ac.uk at lists.samba.org] On Behalf Of
sysrm
Sent: 09 May 2005 10:51
To: Samba
Subject: [Samba] Samba+ldap,Getent and AD (aka the good bad and the
downright ugly)

Hi all.

I have managed to join my samba server to an AD domain.

I can now join using the net command and get various other bits of info.

Wbinfo -u /g/t etc works nps

Getent however doesn't.

This is my question:

By reading various emails over the last 2 weeks and various howtos etc

In order to share users and passwords etc all I need to do is edit the
nsswitch.conf 

To 

passwd: compat winbind
shadow: compat
group: compat winbind

Or 

passwd: files winbind
shadow: files
group: files winbind

Then getent passwd SHOULD show the local passwd file AND the AD user file?

I don't need to do the pam auth stuff for this to work?

Is this correct or have I lost the plot (and very nearly the will to live??)

Please someone take pity on this poor fool.

Im running RH ES3 and samba 3.0.14a configured with
--prefix=/usr/local/samba --with-ldap --with-ads --with-krb5 --with-pam
--with-winbind

Thanks

Ross

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list