[Samba] Can't get users from AD tree
Jamie Gordon
jgordon at wideorbit.com
Thu Dec 27 23:48:13 GMT 2007
I'm running Samba version Version 3.0.25b-1.el5_1.2 on RH Enterprise
Linux 5. I've configured the SMB server to get users from a Windows 2003
Server Active Directory tree. I was able to join the machine to the
domain with no problem.
Here's the smb.conf
[global]
idmap gid = 60000-90000
winbind trusted domains only = yes
encrypt passwords = yes
show add printer wizard = No
winbind use default domain = Yes
realm = <domain>;
netbios name = <servername>;
printing = cups
idmap uid = 10000-50000
password server = <dcname>;
workgroup = <domain>;
os level = 20
printcap name = cups
security = domain
winbind separator =
disable spoolss = Yes
winbind enum groups = yes
winbind enum users = yes
My nsswitch.conf has the following;
passwd: files winbind
shadow: files
group: files winbind
wbinfo -u and wbinfo-g work well, returning a list of users and groups.
However, when I issue 'getent passwd' my winbind log
(/var/log/samba/winbindd.log) shows a long list of the following and no
users are added to the passwd db;
[2007/12/04 12:11:03, 1] nsswitch/winbindd_ads.c:query_user_list(209)
Not a user account? atype=0x30000000
Also if I run PDBedit -L, I get a long list of the following;
build_sam_account: smbpasswd database is corrupt! username joeuser with
uid 10350 is not in unix passwd database!
Not sure where to go from here.
Any help would be appreciated.
Jamie Gordon
QA Manager
WideOrbit
jgordon at wideorbit.com <mailto:jgordon at wideorbit.com>
"You can't make what you can't measure, 'cause you don't know when
you've got it made."
More information about the samba
mailing list