[Samba] Winbind/Samba Setup on RHEL 4

Tim Evans tkevans at tkevans.com
Wed Feb 15 17:36:30 GMT 2006 

I've been through Samba 3 HOWTO and the RedHat Knowledge Base, and can't quite
get everything going with winbind and Samba.  Redhat is RHEL Version 3, update
2 (Version 3.0.9-1.3E.5, per RPM); Domain controller is running in  "Mixed" mode.

First, the setup:

>From smb.conf:

workgroup = JJS-SDM
netbios name = geneva
server string = geneva
security = domain
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
winbind separator = +
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = no
template homedir = /home/winnt/%D/%U
template shell = /bin/bash

>From nsswitch.conf:

passwd:     files winbind
group:      files winbind

Domain join (via net rpc join...) succeeded.

[root at geneva samba]#  net rpc info
Domain Name: JJS-SDM
Domain SID: S-1-5-21-1166433337-260255602-710412178
Sequence number: 13801
Num users: 150
Num domain groups: 0
Num local groups: 12

[root at geneva samba]# wbinfo -g
BUILTIN#System Operators
BUILTIN#Replicators
BUILTIN#Guests
BUILTIN#Power Users
BUILTIN#Print Operators
BUILTIN#Administrators
BUILTIN#Account Operators
BUILTIN#Backup Operators
BUILTIN#Users

[root at geneva samba]# wbinfo -u
Error looking up domain users               <--no domain users

[root at geneva samba]# getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
... rest of UNIX groups...
BUILTIN#System Operators:x:10012:
BUILTIN#Replicators:x:10013:
BUILTIN#Guests:x:10014:
BUILTIN#Power Users:x:10015:
BUILTIN#Print Operators:x:10016:
BUILTIN#Administrators:x:10017:
BUILTIN#Account Operators:x:10018:
BUILTIN#Backup Operators:x:10019:
BUILTIN#Users:x:10020:

[root at geneva samba]# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
... rest of UNIX users ...
[ No domain users ]

[root at geneva samba]# tail winbindd.log

[2006/02/14 19:55:23, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
spnego_gen_negTokenTarg failed: No credentials cache found
[2006/02/14 19:55:23, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain JJS-SDM failed: Cannot read password

Where to look for what I've missed?  Thanks.

--
Tim Evans, TKEvans.com, Inc.    |    5 Chestnut Court
tkevans at tkevans.com             |    Owings Mills, MD 21117
http://www.tkevans.com/         |    443-394-3864
http://www.come-here.com/News/  |

More information about the samba mailing list