[Samba] Cannot see trusted domains (getfacl or setfacl)

Jose Santiago Oyervides joseoyervides at gmail.com
Wed Dec 12 19:34:46 GMT 2007 

Hi,
I have a samba server (version 3.0.28). I have joined my server to my domain
with no problems.

Since I will have postfix in my machine, (to relay mails externally) I
configured my /etc/resolv.conf with my external dns first and later my
internal dns. The problem is that when I try to apply acl permissions on
some folder (using setfacl) I cannot see the trusted domains, If I comment
out the entries in my resolv.conf of the external dns servers, it works
fine, the same for getfacl, I need to comment out the external dns in order
to view the permissions. I only see the uid numbers (group:10007:rwx instead
of group:domain\group:rwx)

I have configured my samba server to first lookup my lmhosts and in the
lmhosts I have the netbios name for all trusted domains, but It seems, samba
(or winbind) is looking up directly my resolv.conf file ignoring my lmhosts
file.

Does someone know why could have been happening this?  Is there a way
getfacl and setfacl look first in my lmhosts and hosts file?

Regards,
Jose Oyervides.

This is my config files:

smb.conf
[global]
        workgroup = MYDOMAIN
        netbios name = MYSERVERNAME
        #server string = Samba Server %v
         security = ADS
        password server = 192.168.0.1 192.168.0.2 192.168.0.3
        encrypt passwords = Yes
        wins server = 192.168.0.20 192.168.0.21
        local master = no
        domain master = no
        preferred master = no
        log level =3
        log file = /var/log/samba/%m.log
         max log size = 1000
        idmap uid = 10000-60000
        idmap gid = 10000-60000
        winbind enum users = yes
        winbind enum groups = yes
        realm = MYREALM.COMPANY.COM
        winbind use default domain = Yes
        interfaces = 127.0.0.1/255.0.0.0 192.168.0.25/255.255.240.0
        template shell = /bin/bash
        template homedir = /home//%D/%U
        username map = /etc/samba/smbusers
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        name resolve order = lmhosts wins bcast
         bind interfaces only = yes

nsswitch.conf
passwd:     files winbind
shadow:     files
group:      files winbind
hosts:      files wins dns winbind

krb5.conf
[realms]
MYREALM.COMPANY.COM  =  {
        kdc = SERVER1.COMPANY.COM
}
MYTRUSTEDDOMAIN.COMPANY.COM = {
        kdc = SERVER23.COMPANY.COM
}

resolv.conf
domain MYDOMAIN
nameserver (external dns)
nameserver (external dns)
nameserver (internal dns)
nameserver (internal dns)
search MYDOMAIN.COMPANY.COM
search MYTRUSTEDDOMAIN.COMPANY.COM
lmhosts
MYDOMAINDC 192.168.0.1
MYDOMAINTRUSTED 192.168.0.20

More information about the samba mailing list