[Samba] winbind nss info = sfu is not so much working

Jonathan C. Detert detertj at msoe.edu
Thu Apr 27 17:38:17 GMT 2006 

one problem ...

* Jonathan C. Detert <detertj at msoe.edu> [060427 12:11]:
> * Guenther Deschner <gd at samba.org> [060427 11:56]:
> > On Thu, Apr 27, 2006 at 11:21:45AM -0500, Jonathan C. Detert wrote:
> > > with samba 3.0.22, I'm trying to integrate a linux box with Microsoft AD
> > > by using winbind for authentication as well as for the source of nss info.
> > > 
> > > When winbind is configured to use its own local id maps, everything
> > > works fine.
> > > 
> > > But when i configure winbind to use 'ad' as the source of nss info,
> > > authentication fails, 'getent' commands return no results, and
> > > 'wbinfo -r someusername' returns nothing (though wbinfo -u and -g work
> > > correctly).
> 
> -- snip --
> 
> > > And here is how smb.conf looks when winbind is configed to use AD for
> > > nss:
> > > --------------
> > >    winbind enum groups = yes
> > >    winbind enum users = yes
> > >    winbind separator = +
> > >    winbind nested groups = yes
> > >    winbind nss info = sfu
> > >    winbind use default domain = yes
> > > 
> > >    idmap backend = ad
> > 
> > You still need to have the idmap ranges set so that winbind does not fall
> > into the "netlogon proxy only" mode. Does it work then?
> 
> Yes, thanks!  I don't understand that at all.  What is 'netlogon proxy only'

I spoke too soon: _most_ things work now.  The things which didn't work
before, are now working.  However, one thing is not working:

        the inability to map a uid or gid into a name.

For example:
        - 'id -G detertj' works, but 'id -Gn detertj' does not.
        - when i login on the console of the samba box, my shell prompt,
          which would usually say 'detertj at nameofhost', says instead
          'I have no name!@nameofhost'.

I can turn a name into a sid, and a sid into a uid, but not a name into
a uid.
-- 
Happy Landings,

Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.

More information about the samba mailing list