[Samba] Winbind - wbinfo -u works, getent passwd only gives local users

David Lee dnl at livstones.freeserve.co.uk
Tue May 22 22:02:00 GMT 2007


Thanks for the suggestion, but these are already set.

I am not making any progress on this.

David Lee

On Friday 18 May 2007 08:53, Alex Crow wrote:
> In smb.conf, do you have
> winbind enum groups = yes
> winbind enum users = yes ?
>
> I got stumped by this myself but these seem now to be off by default and
> need to be added for nsswitch to enumerate users/groups.
>
> Cheers
>
> Alex
>
> On Thu, 2007-05-17 at 18:30 +0100, David Lee wrote:
> > Hi Rune
> > I have
> >
> > passwd:         compat winbind
> > group:          compat winbind
> > shadow:         compat
> >
> > hosts:          files dns
> > networks:       files
> >
> > protocols:      db files
> > services:       db files
> > ethers:         db files
> > rpc:            db files
> >
> > netgroup:       nis
> >
> > and am now wondering what the netgroup entry is doing.
> > Other than that, it looks OK to me.
> >
> > Removing the netgroup entry does not help.
> >
> > David Lee
> >
> > ----------  Forwarded Message  ----------
> >
> > Subject: Re: [Samba] Winbind  - wbinfo -u works, getent passwd only gives
> > local users
> > Date: Thursday 17 May 2007 01:20
> > From: Rune Tønnesen
> >
> > Hi' David
> >
> > have you checked your setup in the /etc/nsswitch.conf file?
> > --
> > Rune Tønnesen
> > Venlig Hilsen/Best Regards
> >
> > > I only have limited Samba experience, and expect this is a silly
> > > mistake, but have been unable to find a solution
> > >
> > > I have installed Samba and Winbind on my desktop Linux (Debian) machine
> > > (SPARKSTONELX), aiming to unify logins with other windows machines
> > > accessing the PDC, again samba/Debian, with tdbsam password backend.
> > > All is well, joining the domain, and getting account details using
> > > wbinfo -u, but getent passwd only gives the local account details.
> > >
> > > The log file on the PDC (FILESTONE) reports
> > >
> > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242)
> > >   get_md4pw: Workstation SPARKSTONELX$: no account in domain
> > > [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(461)
> > >   _net_auth2: failed to get machine password for account SPARKSTONELX$:
> > > NT_STATUS_ACCESS_DENIED
> > >
> > > [2007/05/15 22:31:52, 1]
> > > nsswitch/winbindd_group.c:winbindd_getgrnam(259) group sparkstonelx$ in
> > > domain STONES does not exist
> > >
> > > and on the Linux desktop
> > >
> > > [2007/05/15 22:30:18, 1]
> > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
> > >   cli_pipe_validate_current_pdu: RPC fault code
> > > DCERPC_FAULT_OP_RNG_ERROR received from remo
> > > te machine FILESTONE pipe \lsarpc fnum 0x767a!
> > > [2007/05/15 22:30:18, 1]
> > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
> > >   cli_pipe_validate_current_pdu: Bind NACK received from remote
> > > machinesparkstonelx:/var/log/samba# wbinfo --own-domain
> > > STONES
> > > sparkstonelx:/var/log/samba# wbinfo -t
> > > checking the trust secret via RPC calls succeeded
> > > sparkstonelx:/var/log/samba# wbinfo -D stones
> > > Name              : STONES
> > > Alt_Name          :
> > > SID               : S-1-5-21-835963941-2627181251-1431239077
> > > Active Directory  : No
> > > Native            : No
> > > Primary           : Yes
> > > Sequence          : 1179266454
> > >  FILESTONE pipe \samr
> > >  fnum 0x767b!
> > > [2007/05/15 22:30:18, 0]
> > > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
> > >   cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with
> > > error NT_STATUS_NETWORK_
> > > ACCESS_DENIED
> > > [2007/05/15 22:30:18, 1]
> > > rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
> > >   cli_pipe_validate_current_pdu: Bind NACK received from remote machine
> > > FILESTONE pipe \lsar
> > > pc fnum 0x767e!
> > > [2007/05/15 22:30:18, 0]
> > > rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
> > >   cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with
> > > error NT_STATUS_NETWORK_
> > > ACCESS_DENIED
> > >
> > > but
> > >
> > > sparkstonelx:/var/log/samba# wbinfo --own-domain
> > > STONES
> > > sparkstonelx:/var/log/samba# wbinfo -t
> > > checking the trust secret via RPC calls succeeded
> > > sparkstonelx:/var/log/samba# wbinfo -D stones
> > > Name              : STONES
> > > Alt_Name          :
> > > SID               : S-1-5-21-835963941-2627181251-1431239077
> > > Active Directory  : No
> > > Native            : No
> > > Primary           : Yes
> > > Sequence          : 1179266454
> > >
> > > Any ideas?
> > >
> > > My network is about 6 machines in a Christian community, some being XP
> > > home, which limits my possible security settings!
> > > --
> > > David Lee
> > > ----------------------------
> > > Living Stones, Flore, UK
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions:  https://lists.samba.org/mailman/listinfo/samba
> >
> > -------------------------------------------------------
> >
> > --
> > David Lee
> > ----------------------------
> > Living Stones, Flore, UK

-- 
David Lee
----------------------------
Living Stones, Flore, UK


More information about the samba mailing list