[Samba] Can't chown a file to an ADS username

Eric Diven eric.diven at edsiohio.com
Tue Oct 9 13:33:40 GMT 2007 

Yes, these are only winbind startup messages, that's exactly the
problem.  I had in my nsswitch.conf file:

passwd:  compat winbind
shadow:  compat winbind
group:   compat winbind

which produced only the local names

To test, I changed nsswitch.conf as follows:

passwd:  winbind [UNAVAIL=retunr] compat
shadow:  compat winbind #so I have some hope of being able to log in if
I didn't get it changed back, maybe
group:   winbind [UNAVAIL=return] compat

and got *nothing* back from getent passwd.  I'm guessing this means I've
got a .so file in the wrong place somewhere.  Following the instructions
online, I have

/lib/libnss_winbind.so.2
/lib/libnss_winbind.so -> /lib/libnss_winbind.so.2
/usr/lib/libnss_winbind.so -> /lib/libnss_winbind.so.2

This sure looks correct, but it's pretty clear that winbind isn't
getting called.

~Eric

-----Original Message-----
From: Stas [mailto:narezatel at gmail.com] 
Sent: Monday, October 08, 2007 5:04 PM
To: Eric Diven
Cc: samba at lists.samba.org
Subject: Re: [Samba] Can't chown a file to an ADS username

the winbindd.log you posted contains winbind startup messages?
if not try to restart winbind and check winbind log for errors .
/etc/nsswitch.conf contains winbind related strings?


On 10/8/07, Eric Diven <eric.diven at edsiohio.com> wrote:
> I'm not actually getting much from it.  I'm assuming that all of 
> winbinds logging goes to [logpath]/winbindd.log.
>
> If that's the case, I'm seeing nsswitch related stuff happening when 
> winbind starts up, but not when I run getent passwd.
> I'm running winbind at debug level 3.
>
> [root at localhost ~]# cat /var/log/samba/winbindd.log
> [2007/10/08 13:18:23, 2] lib/interface.c:add_interface(81)
>   added interface ip=192.168.100.80 bcast=192.168.100.255 
> nmask=255.255.255.0
> [2007/10/08 13:18:23, 2] lib/interface.c:add_interface(81)
>   added interface ip=192.168.100.80 bcast=192.168.100.255 
> nmask=255.255.255.0
> [2007/10/08 13:18:23, 2] lib/tallocmsg.c:register_msg_pool_usage(61)
>   Registered MSG_REQ_POOL_USAGE
> [2007/10/08 13:18:23, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71)
>   Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> [2007/10/08 13:18:23, 2]
> nsswitch/winbindd_util.c:add_trusted_domain(175)
>   Added domain EDSI EDSI.EDSI-INT.COM
> S-1-5-21-1993962763-329068152-1801674531
> [2007/10/08 13:18:23, 2]
> nsswitch/winbindd_util.c:add_trusted_domain(175)
>   Added domain LOCALHOST  S-1-5-21-9612232-2512366426-966941693
> [2007/10/08 13:18:23, 2]
> nsswitch/winbindd_util.c:add_trusted_domain(175)
>   Added domain BUILTIN  S-1-5-32
> [2007/10/08 13:18:23, 3]
> nsswitch/winbindd_misc.c:winbindd_interface_version(483)
>   [    0]: request interface version
> [2007/10/08 13:18:23, 3]
> nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
>   [    0]: request location of privileged pipe
> [2007/10/08 13:18:23, 3] nsswitch/winbindd_misc.c:winbindd_ping(462)
>   [    0]: ping
> [root at localhost ~]#
>
> This is the result of clearing the log, restarting samba, and running 
> getent passwd.  Nothing gets added to the log when I run it.  It's 
> greek to me what the stuff from winbind start up means, but I'm a 
> little suspicious that nothing shows up on getent passwd.
>
> ~Eric
>
> -----Original Message-----
> From: Stas [mailto:narezatel at gmail.com]
> Sent: Monday, October 08, 2007 12:50 PM
> To: Eric Diven
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] Can't chown a file to an ADS username
>
> winbind's log may be helpful
>
>
>
> On 10/8/07, Eric Diven <eric.diven at edsiohio.com> wrote:
> > I've got a samba install on Linux with winbind installed, etc.  I've

> > configured it the same as I have under Solaris, but for some reason,

> > I
>
> > can't chown a file to an AD username.  I have joined the box to the 
> > domain, I can wbinfo -u/-g and get lists of users and groups on the 
> > domain.  When I run getent passwd or getent group, however, I don't 
> > see any of the domain users and groups.  I have winbind enum users 
> > and
>
> > groups = yes in the smb.conf file.
> >
> > Eventually, I need to be able to accomplish this with enum users and

> > groups = no for a large domain, but I'm trying to duplicate a 
> > problem we're have with Solaris.
> >
> > Any ideas?  I'm happy to furnish further info/configs/logs on
request.
> >
> > ~Eric
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/listinfo/samba
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list