[Samba] Two PDCs Samba trustrealtionship --> winbind configuration

Bojidar Penchev bladezrmx at yahoo.com
Mon Feb 27 09:58:07 GMT 2006


                  Greetings!  
          
        I have the following configuration:  
          Two PDCs (Samba 3.0.21b) with Fedora Core 4: PDC1 and PDC2.  
          
        PDC1 trusts  PDC2, respectively PDC2 is trusted to PDC1.  
        I join an XP workstation to PDC2. After restart i can see both domains   in the login screen domain combo box.  
  I can logon to PDC2 , but not to PDC1, since the PDC2's /etc/passwd  lacks the username from PDC1 i am trying to log in with. To correct  this i edit smb.conf adding this line: 
          
        add user script = /usr/sbin/useradd %u -g users -s /bin/false -d /dev/null  
          
  After another unsuccessful login to PDC1 (with username ivan for  example) in the PDC2's log (/var/log/samba/winxp.log) can be seen the  following lines: 
          
        useradd: unable to lock password file  
        useradd ....gave 1  
          
  When i try to access a share on PDC2 with a PDC1 user (ivan for  example), useradd is executed successfully, and user ivan is added to  /etc/passwd. 
          
 I found out that during login "add  user script = /usr/sbin/useradd %u ......" is executed with user  nobody, and this user has no right to execute useradd, hence an error  occurs.
  
  This is a bug, wich will be never fixed :( , https://bugzilla.samba.org/show_bug.cgi?id=2282
  
  For that reason I tryed use a winbind, but without success. I read  about winbind, but I couldn't configured it. Pls help me, give to me  any example winbind configuration for my case (two PDC's Samba  trustralationship), when, where, what I must do?
  
  Thanks in advance;)
  
  
  PS: Will be  fixed this samba's bug(nobody run "add user script") in future? If it will be not fixed, why?



		
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail  makes sharing a breeze. 


More information about the samba mailing list