[Samba] winbind nss info = sfu is not so much working

Jonathan C. Detert detertj at msoe.edu
Thu Apr 27 16:21:45 GMT 2006 

with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD
by using winbind for authentication as well as for the source of nss info.

When winbind is configured to use its own local id maps, everything
works fine.

But when i configure winbind to use 'ad' as the source of nss info,
authentication fails, 'getent' commands return no results, and
'wbinfo -r someusername' returns nothing (though wbinfo -u and -g work
correctly).

I am guessing that either there is something wrong or lacking in my config,
or that some kind of caching is messing me up.

Here is my pertinent smb.conf stuff when winbind is configed to use
local id maps:
--------------
   winbind enum groups = yes
   winbind enum users = yes
   winbind separator = +
   winbind nested groups = yes
   winbind use default domain = yes

   idmap gid = 10000-55000
   idmap uid = 10000-55000

   template homedir = /home/%D/%U
   template shell = /bin/bash

And here is how smb.conf looks when winbind is configed to use AD for
nss:
--------------
   winbind enum groups = yes
   winbind enum users = yes
   winbind separator = +
   winbind nested groups = yes
   winbind nss info = sfu
   winbind use default domain = yes

   idmap backend = ad

Can you see anything wrong/lacking in my config?  Btw, I have also tried
setting idmap backend to 'idmap_ad' as the smb.conf man page has it, but
either way, as 'ad' or as 'idmap_ad', I get the same result. 

As to cache possibly messing me up, I do the following when switching
from local tdb maps to using ad as the map:
--------------
   /etc/init.d/winbind stop; /etc/init.d/samba stop
   cat /dev/null > /var/cache/samba/winbindd_cache.tdb
   mv /var/lib/samba/winbindd_idmap.tdb /var/lib/samba/winbindd_idmap.tdb.orig
   /etc/init.d/samba start; /etc/init.d/winbind start
Is there something else to consider re. caching?

Thanks
-- 
Happy Landings,

Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.

More information about the samba mailing list