[Samba] Winbindd question

Marc Muehlfeld Marc.Muehlfeld at medizinische-genetik.de
Tue Dec 5 05:26:29 GMT 2006


Matt Skerritt schrieb:
>> - Insert the following lines on your PDC's smb.conf:
>> winbind enum groups = yes
>> winbind enum users = yes
>> winbind trusted domains only = yes
>> winbind use default domain = yes
>> template homedir = /home/%U
>> template shell = /bin/false
>> - Start Winbind.
>> - Join the PDC to its own domain (net rpc join)
>> - Check if it was successful (net rpc testjoin)
>> - Check if the shared secrets of Winbind are OK (wbinfo -t)
>> - Test if you can authenticate a user via winbind
>> (wbinfo -a user%password)

I execute all steps, but wbinfo still only get groups and users of the
trusted domain and not of the PDC itself.

I configured nsswitch.conf for winbind, so that I get the user and groups
of the trusted domain too, when i execute getent. The funny thing is, when
I add TRUSTDOMAIN\user to a local group and su to that user (after
template shell = /bin/bash), I can access shares that this group is
allowed to, when im logged in as that user e. g. via ssh. But when I try
to access the same folder over samba, I get a access-denied-error.

Any ideas?

Best regards

Marc Muehlfeld
Zentrum fuer Humangenetik und Laboratoriumsmedizin Dr. Klein und Dr. Rost
Lochhamer Str. 29 - D-82152 Martinsried
Telefon: +49(0)89/895578-0 - Fax: +49(0)89/895578-78

More information about the samba mailing list