[Samba] ADS and Winbind problems with joining domain and listing
users/ groups
Robert Fraser
rab.fraser at gmail.com
Wed Nov 1 02:41:23 GMT 2006
Hi
I am having trouble joining a Samba 3.0.22 (Ubuntu 6.06) machine to an
AD. I have done a heap of googling and can't find anything that seems
to fix the problem. This sequence of commands shows the problem (I
have now tried to join the doain a number of times hence the modifying
old account):
# net ads join
[2006/11/01 15:32:56, 0] libads/ldap.c:ads_add_machine_acct(1414)
ads_add_machine_acct: Host account for mail already exists -
modifying old account
Using short domain name -- SERVICES
Joined 'MAIL' to realm 'SERVICES.EXAMPLE.CO.NZ'
# net ads testjoin
[2006/11/01 15:34:02, 0] utils/net_ads.c:ads_startup(191)
ads_connect: Invalid credentials
Join to domain is not valid
# wbinfo -t
checking the trust secret via RPC calls succeeded
# wbinfo -u
Error looking up domain users
#wbinfo -g
Error looking up domain groups
# net ads user
< a long list of domain users >
# net ads group
< a long list of domain groups >
my smb.conf looks like this:
[global]
unix charset = LOCALE
workgroup = SERVICES
realm = SERVICES.EXAMPLE.CO.NZ
server string = Samba mail
security = ADS
username map = /etc/samba/smbusers
log level = 10
syslog = 0
log file = /var/log/samba/%m
max log size = 50
#
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
winbind separator = +
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
Any help would be greatly appreciated.
Thanks
Rob
More information about the samba
mailing list