[Samba] wbinfo -u and -g work, getent passwd works,
getent group DOES NOT WORK
Jeff LePage
Jeff.LePage at asg.com
Sat Aug 2 04:30:20 GMT 2008
Hi,
I'm trying to get some Ubuntu8.04 clients to authenticate to an Ubuntu8.04 Samba domain controller. Everyone is running Samba 3.0.28a.
Side question: should I upgrade to 3.2? Keep in mind that means finding binaries for ubuntu or compiling from source for a server and 20 clients.
Basically wbinfo -u and -g work, getent passwd works, getent group DOES NOT WORK.
My domain is called ORA and I've set up some test users,etc. See the output of wbinfo and getent below. Following the output of wbinfo is my smb.conf's for the server and client.
When my domain users login everything works except that there's no group name, only a gid.
in the log.winbind I get this:
[2008/08/01 22:11:26, 1] nsswitch/winbindd_group.c:fill_grent_mem(365)
could not lookup membership for group sid S-1-5-21-2023487214-2483299788-1506694197-1009 in domain ORA (error: NT_STATUS_NO_SUCH_GROUP)
[2008/08/01 22:11:26, 0] nsswitch/winbindd_group.c:winbindd_getgrent(1110)
could not lookup domain group ORA\bob3
output of getent and wbinfo
----------------------------------
ubuntu01 at ubuntu19:~$ wbinfo -u
ORA\bob3
ORA\smbadmin
ORA\bob4
ORA\bob
ORA\bob2
ubuntu01 at ubuntu19:~$ wbinfo -g
BUILTIN\administrators
BUILTIN\users
ORA\bob
ORA\domain admins
ORA\bob3
ORA\bob4
ORA\bob2
ORA\server admins
ORA\hosts
ubuntu01 at ubuntu19:~$ getent passwd | egrep ORA
ORA\bob3:*:31006:10513::/home/ORA/bob3:/bin/bash
ORA\smbadmin:*:13016:10513::/home/ORA/smbadmin:/bin/bash
ORA\bob4:*:31008:10513::/home/ORA/bob4:/bin/bash
ORA\bob:*:13012:10513::/home/ORA/bob:/bin/bash
ORA\bob2:*:31000:10513::/home/ORA/bob2:/bin/bash
ubuntu01 at ubuntu19:~$ getent group | egrep ORA
ubuntu01 at ubuntu19:~$ getent group | tail -5
sambashare:x:125:ubuntu01
winbindd_priv:x:126:
dirmngr:x:127:
BUILTIN\administrators:x:10000:
BUILTIN\users:x:10001:
ubuntu01 at ubuntu19:~$ smbd -V
Version 3.0.28a
ubuntu01 at ubuntu19:~$
smb.conf for server:
------------------------
[global]
log level = 2
workgroup = ORA
netbios name = SAMBA1
server string = %h server (Samba, Ubuntu)
passdb backend = tdbsam
security = user
encrypt passwords = yes
domain logons = yes
preferred master = yes
logon path =
logon home =
logon drive = P:
enable privileges = yes
domain master = yes
os level = 33
local master = yes
add machine script = /usr/sbin/useradd -g hosts -s /bin/false '%u'
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel '%u'
rename user script = /usr/sbin/usermod -l '%unew' '%uold'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -a -G '%g' '%u'
delete user from group script = deluser '%u' '%g'
set primary group script = /usr/sbin/usermod -g '%g' '%u'
[public]
path = /export/tmp
read only = No
[netlogon]
comment = Net Logon service
path = /data/netlogon
read only = yes
write list = +ntadmin
[profiles]
comment = User roaming profiles
path = /data/profiles
valid users = %U
create mask = 0600
directory mask = 0700
read only = no
guest ok = no
[homes]
comment = Home directory for %U
read only = no
valid users = %S
smb.conf for client
-------------------------
[global]
workgroup = ORA
server string = %h server (Samba, Ubuntu)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = Domain
encrypt passwords = true
password server = samba1
passdb backend = tdbsam
obey pam restrictions = yes
invalid users = root
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
socket options = TCP_NODELAY
allow trusted domains = no
idmap backend = rid:ORA=10000-2000000
idmap uid = 10000-2000000
idmap gid = 10000-2000000
template shell = /bin/bash
template homedir = /home/%D/%U
winbind cache time = 0
winbind enum users = yes
winbind enum groups = yes
usershare allow guests = yes
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
More information about the samba
mailing list