[Samba] wbinfo -u and -g work, getent passwd works, getent groupDOES NOT WORK (solution!)

Jeff LePage Jeff.LePage at asg.com
Sun Aug 3 21:07:19 GMT 2008 

You may be right. I know too little about winbind to comment.  However, I note that the tutorials on creating a samba PDC (e.g., section 9.2 of Using Samba, 3rd edition) never mention winbind). However, tutorials on getting a linux client (a domain member server) to join a samba domain most definitely do.

I'm not sure what you mean when you say "Did you set it as master or preferred master in smb.conf".  Are you referring the the server (PDC) or the client (domain member server)?

The client is most definitely NOT set as a master or preferred master.

Here's what the official docs at samba.org suggest for the smb.conf for the PDC:

passdb backend = tdbsam
os level = 33
preferred master = auto
domain master = yes
local master = yes
security = user
domain logons = yes

So, yes.  I do have it (meaning the server) set as master.  

We may be talking about different things here.  When i say i turn off winbind, I merely mean i removed the service.  On linux turning off winbindd is simply a matter of removing the service from /etc/init.d/ directory and running 'update-rc.d winbind remove'.

Finally:
---------------
So obviously I have some conflict between the server winbindd and the client winbindd.  If I leave winbind running on the PDC and also on the clients, then what is the magic that allows them not to conflict?  



-----Original Message-----
From: samba-bounces+jeff.lepage=asg.com at lists.samba.org on behalf of Jason A. Nunnelley
Sent: Sun 8/3/2008 4:15 PM
To: samba at lists.samba.org
Subject: Re: [Samba] wbinfo -u and -g work, getent passwd works, getent groupDOES NOT WORK (solution!)
 
> I found the problem.  I had winbind running on the PDC.

Jeff,

In the BSD port, winbind is built into the startup script by default. 
So, it takes some hacking to remove it.

For that reason, and because I've only one domain, I leave it running. 
But, I'm fairly sure winbind serves a useful purpose on most any network 
IF configured correctly.  I'm not sure "turn off winbind on your 
server," is always good advice.

What I wonder is why does winbind cause you trouble?  Is it possible you 
set it as master or preferred master in smb.conf and it's not allowing 
the clients to see the other broadcasts on the network?

> So.  In conclusion, winbind on server BAD, winbind on client GOOD.

I still don't understand why winbind is always a bad feature on a 
server.  I think it's more likely winbind is tricky and deserves correct 
configuration.  If you just want to skip that hassle, I can see turning 
off winbind as a hackaround, but don't think it's necessarily a plan.


-- 


Jason A. Nunnelley
JasonN.com is my website - all opinions expressed were mine at some point.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list