[Samba] Can't get users from AD tree
jgordon at wideorbit.com
Thu Dec 27 23:48:13 GMT 2007
I'm running Samba version Version 3.0.25b-1.el5_1.2 on RH Enterprise
Linux 5. I've configured the SMB server to get users from a Windows 2003
Server Active Directory tree. I was able to join the machine to the
domain with no problem.
Here's the smb.conf
idmap gid = 60000-90000
winbind trusted domains only = yes
encrypt passwords = yes
show add printer wizard = No
winbind use default domain = Yes
realm = <domain>;
netbios name = <servername>;
printing = cups
idmap uid = 10000-50000
password server = <dcname>;
workgroup = <domain>;
os level = 20
printcap name = cups
security = domain
winbind separator =
disable spoolss = Yes
winbind enum groups = yes
winbind enum users = yes
My nsswitch.conf has the following;
passwd: files winbind
group: files winbind
wbinfo -u and wbinfo-g work well, returning a list of users and groups.
However, when I issue 'getent passwd' my winbind log
(/var/log/samba/winbindd.log) shows a long list of the following and no
users are added to the passwd db;
[2007/12/04 12:11:03, 1] nsswitch/winbindd_ads.c:query_user_list(209)
Not a user account? atype=0x30000000
Also if I run PDBedit -L, I get a long list of the following;
build_sam_account: smbpasswd database is corrupt! username joeuser with
uid 10350 is not in unix passwd database!
Not sure where to go from here.
Any help would be appreciated.
jgordon at wideorbit.com <mailto:jgordon at wideorbit.com>
"You can't make what you can't measure, 'cause you don't know when
you've got it made."
More information about the samba