[Samba] Winbind - wbinfo -u works,
getent passwd only gives local users
Henrik Zagerholm
henke at mac.se
Thu May 24 20:51:40 GMT 2007
Did you link libnss_winbind correctly?
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/
winbind.html#id412579
Cheers,
henrik
23 maj 2007 kl. 00:02 skrev David Lee:
> Thanks for the suggestion, but these are already set.
>
> I am not making any progress on this.
>
> David Lee
>
> On Friday 18 May 2007 08:53, Alex Crow wrote:
>> In smb.conf, do you have
>> winbind enum groups = yes
>> winbind enum users = yes ?
>>
>> I got stumped by this myself but these seem now to be off by
>> default and
>> need to be added for nsswitch to enumerate users/groups.
>>
>> Cheers
>>
>> Alex
>>
>> On Thu, 2007-05-17 at 18:30 +0100, David Lee wrote:
>>> Hi Rune
>>> I have
>>>
>>> passwd: compat winbind
>>> group: compat winbind
>>> shadow: compat
>>>
>>> hosts: files dns
>>> networks: files
>>>
>>> protocols: db files
>>> services: db files
>>> ethers: db files
>>> rpc: db files
>>>
>>> netgroup: nis
>>>
>>> and am now wondering what the netgroup entry is doing.
>>> Other than that, it looks OK to me.
>>>
>>> Removing the netgroup entry does not help.
>>>
>>> David Lee
>>>
>>> ---------- Forwarded Message ----------
>>>
>>> Subject: Re: [Samba] Winbind - wbinfo -u works, getent passwd
>>> only gives
>>> local users
>>> Date: Thursday 17 May 2007 01:20
>>> From: Rune Tønnesen
>>>
>>> Hi' David
>>>
>>> have you checked your setup in the /etc/nsswitch.conf file?
>>> --
>>> Rune Tønnesen
>>> Venlig Hilsen/Best Regards
>>>
>>>> I only have limited Samba experience, and expect this is a silly
>>>> mistake, but have been unable to find a solution
>>>>
>>>> I have installed Samba and Winbind on my desktop Linux (Debian)
>>>> machine
>>>> (SPARKSTONELX), aiming to unify logins with other windows machines
>>>> accessing the PDC, again samba/Debian, with tdbsam password
>>>> backend.
>>>> All is well, joining the domain, and getting account details using
>>>> wbinfo -u, but getent passwd only gives the local account details.
>>>>
>>>> The log file on the PDC (FILESTONE) reports
>>>>
>>>> [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:get_md4pw(242)
>>>> get_md4pw: Workstation SPARKSTONELX$: no account in domain
>>>> [2007/05/15 22:31:48, 0] rpc_server/srv_netlog_nt.c:_net_auth_2
>>>> (461)
>>>> _net_auth2: failed to get machine password for account
>>>> SPARKSTONELX$:
>>>> NT_STATUS_ACCESS_DENIED
>>>>
>>>> [2007/05/15 22:31:52, 1]
>>>> nsswitch/winbindd_group.c:winbindd_getgrnam(259) group
>>>> sparkstonelx$ in
>>>> domain STONES does not exist
>>>>
>>>> and on the Linux desktop
>>>>
>>>> [2007/05/15 22:30:18, 1]
>>>> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
>>>> cli_pipe_validate_current_pdu: RPC fault code
>>>> DCERPC_FAULT_OP_RNG_ERROR received from remo
>>>> te machine FILESTONE pipe \lsarpc fnum 0x767a!
>>>> [2007/05/15 22:30:18, 1]
>>>> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
>>>> cli_pipe_validate_current_pdu: Bind NACK received from remote
>>>> machinesparkstonelx:/var/log/samba# wbinfo --own-domain
>>>> STONES
>>>> sparkstonelx:/var/log/samba# wbinfo -t
>>>> checking the trust secret via RPC calls succeeded
>>>> sparkstonelx:/var/log/samba# wbinfo -D stones
>>>> Name : STONES
>>>> Alt_Name :
>>>> SID : S-1-5-21-835963941-2627181251-1431239077
>>>> Active Directory : No
>>>> Native : No
>>>> Primary : Yes
>>>> Sequence : 1179266454
>>>> FILESTONE pipe \samr
>>>> fnum 0x767b!
>>>> [2007/05/15 22:30:18, 0]
>>>> rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
>>>> cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with
>>>> error NT_STATUS_NETWORK_
>>>> ACCESS_DENIED
>>>> [2007/05/15 22:30:18, 1]
>>>> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(601)
>>>> cli_pipe_validate_current_pdu: Bind NACK received from remote
>>>> machine
>>>> FILESTONE pipe \lsar
>>>> pc fnum 0x767e!
>>>> [2007/05/15 22:30:18, 0]
>>>> rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2356)
>>>> cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with
>>>> error NT_STATUS_NETWORK_
>>>> ACCESS_DENIED
>>>>
>>>> but
>>>>
>>>> sparkstonelx:/var/log/samba# wbinfo --own-domain
>>>> STONES
>>>> sparkstonelx:/var/log/samba# wbinfo -t
>>>> checking the trust secret via RPC calls succeeded
>>>> sparkstonelx:/var/log/samba# wbinfo -D stones
>>>> Name : STONES
>>>> Alt_Name :
>>>> SID : S-1-5-21-835963941-2627181251-1431239077
>>>> Active Directory : No
>>>> Native : No
>>>> Primary : Yes
>>>> Sequence : 1179266454
>>>>
>>>> Any ideas?
>>>>
>>>> My network is about 6 machines in a Christian community, some
>>>> being XP
>>>> home, which limits my possible security settings!
>>>> --
>>>> David Lee
>>>> ----------------------------
>>>> Living Stones, Flore, UK
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions: https://lists.samba.org/mailman/listinfo/samba
>>>
>>> -------------------------------------------------------
>>>
>>> --
>>> David Lee
>>> ----------------------------
>>> Living Stones, Flore, UK
>
> --
> David Lee
> ----------------------------
> Living Stones, Flore, UK
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list