R: [Samba] Fwd: SAMBA on AIX --> nsswitch.conf?
jojowil at hvcc.edu
Mon May 14 11:08:35 GMT 2007
---- Original message ----
>Date: Mon, 14 May 2007 10:34:32 +0200
>From: "Urs Golla" <urs.golla at gmail.com>
>Subject: Re: R: [Samba] Fwd: SAMBA on AIX --> nsswitch.conf?
>To: "Gianluca Culot" <gianlucaculot at dmsware.com>
>Cc: samba at lists.samba.org
>nsswitch.conf does not exist on AIX! It works after changing
>/etc/security/user and copying WINBIND etc...
Correct. There is no nsswitch.conf. You edit /etc/security/user default stanza with:
NEVER change the root entry. You'll always want root to be local in case winbindd is non-responsive or have network problems.
>I changed the idmap uid range in my smb.conf and if I now remove the
>winbindd_cache.tdb and winbindd_idmap.tdb (+ restart winbind & samba)
>it says "sid2uid returned an error" in the winbind logfile... "wbinfo
>-i username" does also not work anymore... any idea?
The uid ranges should be set before you go production. These mappings are local to your AIX machine and represent local uid /gid mappings to remote SID values.
Therefore, whenever you create objects on the local server via WINBIND based ids, they will have the uid/gid values assinged and stored in the winbind_idmap.tdb.
These values are used to map back to SIDs on the remote host to determine access rights and such. When you deleted your tdb, you deleted your map. Once in place and in production, guard this file as if it were your child. It's contents are precious and should be carried forward when performing upgrades.
>thanks a lot!
>On 5/14/07, Gianluca Culot <gianlucaculot at dmsware.com> wrote:
>> > -----Messaggio originale-----
>> > Da: samba-bounces+gianlucaculot=dmsware.com at lists.samba.org
>> > [mailto:samba-bounces+gianlucaculot=dmsware.com at lists.samba.org]Per
>> > conto di Urs Golla
>> > Inviato: domenica 13 maggio 2007 10.35
>> > A: samba at lists.samba.org
>> > Oggetto: [Samba] Fwd: SAMBA on AIX --> nsswitch.conf?
>> > it works if i create the user xy on AIX.
>> > any ideas?
>> > ---------- Forwarded message ----------
>> > From: Urs Golla <urs.golla at gmail.com>
>> > Date: May 13, 2007 9:26 AM
>> > Subject: SAMBA on AIX --> nsswitch.conf?
>> > To: samba at lists.samba.org
>> > Hi
>> > I am still trying to run SAMBA on AIX with "security = ads" and I have
>> > a few questions:
>> > - on AIX is no such file as /etc/nsswitch.conf --> Do I have to add
>> > the configuration somewhere else?
>> > - I allways get this "User xy is invalid on this system" if try to map
>> > a share from Windows. What does this mean? Is the user invalid on the
>> > Domain? on AIX? on SAMBA? Is the User known by SAMBA but has no access
>> > rights on this share?
>> > - Has "security = ads" on AIX ever been tested?
>> > Any help would be appreciated!!!
>> > cheers
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions: https://lists.samba.org/mailman/listinfo/samba
>> Don't think it depends on system...
>> I think you are missing parts in Samab configuration
>> if nsswitch doesn't exist... create it
>> here is mine.
>> passwd: files winbind
>> shadow: files winbind
>> group: files winbind
>> #hosts: db files nisplus nis dns
>> #hosts: files dns wins
>> hosts: files dns
>> # Example - obey only what nisplus tells us...
>> #services: nisplus [NOTFOUND=return] files
>> #networks: nisplus [NOTFOUND=return] files
>> #protocols: nisplus [NOTFOUND=return] files
>> #rpc: nisplus [NOTFOUND=return] files
>> #ethers: nisplus [NOTFOUND=return] files
>> #netmasks: nisplus [NOTFOUND=return] files
>> bootparams: nisplus [NOTFOUND=return] files
>> ethers: db files
>> netmasks: files
>> networks: files dns
>> protocols: db files
>> rpc: files
>> services: files
>> netgroup: files
>> publickey: nisplus
>> automount: files
>> aliases: files nisplus
>To unsubscribe from this list go to the following URL and read the
More information about the samba