[Samba] samba-3.0.25 on Debian

Guillermo Gutierrez ggutierrez at marketscan.com
Thu May 17 18:12:28 GMT 2007 

I have upgraded to samba 3.0.25 on a Debian Etch system and I am using
winbind to authenticate against active directory.

It used to work just fine with 3.0.24, wbinfo showed all users and
groups, getent used to show all users and groups, and I could 'su' and
do all sorts of fun stuff using domain accounts on my Debian box.

 

Using V3.0.25, wbinfo still reports everything as good, but getent won't
return domain users and passwords. Now I can't use domain accounts for
anything.

 

Here is my nsswitch.conf:

 

passwd:         files winbind

group:          files winbind

shadow:         files winbind

 

hosts:          files dns winbind

networks:       files winbind

 

protocols:      db files

services:       db files

ethers:         db files

rpc:            db files

 

netgroup:       nis

 

and here is my samba config:

 

[global]

        netbios name = Solidus

        workgroup = MARKETSCAN

        realm = MARKETSCAN.COM

        server string = %h Samba server, %v

        interfaces = lo, eth0

        bind interfaces only = Yes

        security = ADS

        encrypt passwords = yes

        password server = *

        obey pam restrictions = Yes

        passdb backend = tdbsam

        syslog = 0

        log file = /var/log/samba/log.%m

        max log size = 1000

        name resolve order = lmhosts host bcast

        os level = 2

        preferred master = No

        local master = No

        domain master = No

        dns proxy = No

        idmap uid = 10000-20000

        idmap gid = 10000-20000

        template homedir = /home/MARKETSCAN/%U

        template shell = /bin/bash

        winbind uid = 10000-20000

        winbind gid = 10000-20000

        winbind enum users = Yes

        winbind enum groups = Yes

        winbind use default domain = Yes

 

[homes]

        comment = Home Directories

        path = /home/MARKETSCAN/%U

        valid users = %D\%U

        read only = No

        create mask = 0700

        directory mask = 0700

        browseable = No

 

[public]

        comment = Public Share on %h

        path = /home/samba/public

        valid users = +sa, @"MARKETSCAN\ggutierrez"

        read only = No

        create mask = 0775

        directory mask = 0775

 

[printers]

        comment = All Printers

        path = /var/spool/samba

        create mask = 0700

        printable = Yes

        browseable = No

 

[print$]

        comment = Printer Drivers

        path = /var/lib/samba/printers

 

Please help, I really want to be able to keep using Debian with ADS
authentication.

 

Guillermo Gutierrez

Network Administrator

Market Scan Information Systems, Inc.

(818) 575-2017

ggutierrez at marketscan.com

More information about the samba mailing list