[Samba] Two PDCs Samba trustrealtionship --> winbind configuration
Bojidar Penchev
bladezrmx at yahoo.com
Mon Feb 27 09:58:07 GMT 2006
Greetings!
I have the following configuration:
Two PDCs (Samba 3.0.21b) with Fedora Core 4: PDC1 and PDC2.
PDC1 trusts PDC2, respectively PDC2 is trusted to PDC1.
I join an XP workstation to PDC2. After restart i can see both domains in the login screen domain combo box.
I can logon to PDC2 , but not to PDC1, since the PDC2's /etc/passwd lacks the username from PDC1 i am trying to log in with. To correct this i edit smb.conf adding this line:
add user script = /usr/sbin/useradd %u -g users -s /bin/false -d /dev/null
After another unsuccessful login to PDC1 (with username ivan for example) in the PDC2's log (/var/log/samba/winxp.log) can be seen the following lines:
useradd: unable to lock password file
useradd ....gave 1
When i try to access a share on PDC2 with a PDC1 user (ivan for example), useradd is executed successfully, and user ivan is added to /etc/passwd.
I found out that during login "add user script = /usr/sbin/useradd %u ......" is executed with user nobody, and this user has no right to execute useradd, hence an error occurs.
This is a bug, wich will be never fixed :( , https://bugzilla.samba.org/show_bug.cgi?id=2282
For that reason I tryed use a winbind, but without success. I read about winbind, but I couldn't configured it. Pls help me, give to me any example winbind configuration for my case (two PDC's Samba trustralationship), when, where, what I must do?
Thanks in advance;)
PS: Will be fixed this samba's bug(nobody run "add user script") in future? If it will be not fixed, why?
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
More information about the samba
mailing list