[Samba] idmap init ignoring domain ....

Mailing List SVR lists at svrinformatica.it
Tue Dec 16 20:49:53 GMT 2008


On Mon, 15/12/2008 at 16.13 -0600, Dale Schroeder wrote:
> Is your ldap server working properly, for example, do getent passwd
> and getent group return the proper values?

yes they work fine


> What does "net rpc testjoin" say?

net rpc testjoin
Unable to find a suitable server
Join to domain 'CPE' is not valid

but 

net rpc -I 10.10.20.21 testjoin
Join to 'CPE' is OK

On my server I have two NICs: eth0, with address 1.1.1.5, on a private
network, and eth1 on the client-accessible network. Yesterday I
configured Samba with bind interfaces only, and since then, to make the
net rpc commands work, I have to specify -I <client accessible ip address>;
the IP is the one configured on eth1.

Additionally, since then I have this error every 5 minutes in my nmbd
logs:

 become_domain_master_browser_wins:
  Attempting to become domain master browser on workgroup CPE, subnet
UNICAST_SUBNET.
[2008/12/16 21:39:06, 0]
nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(349)
  become_domain_master_browser_wins: querying WINS server from IP
127.0.0.1 for domain master browser name CPE<1b> on workgroup CPE
[2008/12/16 21:39:07, 0]
nmbd/nmbd_become_dmb.c:become_domain_master_query_success(233)
  become_domain_master_query_success:
  There is already a domain master browser at IP 1.1.1.5 for workgroup
CPE registered on subnet UNICAST_SUBNET.

maybe a cache,

however the clients can access and work with their roaming profiles




> Is nscd running?  It is known to conflict with winbind.

no nscd is not running

> Are you using winbind because you are in a trust with another domain?
> To my knowledge, winbind is only needed on a PDC when a trust is
> involved.

OK, I disabled winbind; the official guide by example, however, says to
enable it, strange ...

> If you are not in a trust, do things work properly with the winbind
> daemon stopped?

Seems they work,

now I have only a client accessible and it seems to work, we'll see
tomorrow

> Do your logs give any clues?  If not, try raising the "log level"
> value.

I think I have seen all possible samba errors in my logs ....

> 
> Good luck.  Let me know what you find out.

thanks
Nicola
> 
> Dale
> 
> Mailing List SVR wrote: 
> > On Mon, 15/12/2008 at 13.38 -0600, Dale Schroeder wrote:
> >   
> > > Mailing List SVR wrote: 
> > >     
> > > > On Mon, 15/12/2008 at 17.16 +0100, Mailing List SVR wrote:
> > > >   
> > > >       
> > > > > On Mon, 15/12/2008 at 16.55 +0100, Mailing List SVR wrote:
> > > > >     
> > > > >         
> > > > > > I have this error on my Samba PDC; it seems to be something related to winbind.
> > > > > > My PDC worked fine for some months and now this error makes login very
> > > > > > slow, and sometimes the users are unable to load their roaming profile,
> > > > > > 
> > > > > > any hints?
> > > > > > 
> > > > > > regards
> > > > > > Nicola
> > > > > > 
> > > > > >       
> > > > > >           
> > > > > My setup is samba+ldap, if you need other details please ask,
> > > > > 
> > > > > thanks
> > > > > Nicola
> > > > > 
> > > > >     
> > > > >         
> > > > additionally 
> > > > 
> > > > net rpc join -S domainname -U root
> > > >       
> > 
> > OK, this works; the problem for idmap remains,
> > 
> > here is my smb.conf:
> > 
> > 
> > [global]
> > 	unix charset = LOCALE
> > 	workgroup = CPE
> > 	netbios name = CPE-PDC
> > 	server string = Samba PDC
> > 	interfaces = eth1, eth1:0, eth1:1, eth1:2, lo
> > 	bind interfaces only = Yes
> > 	passdb backend = ldapsam:ldap://ldap.cpe.it
> > 	username map = /etc/samba/smbusers
> > 	log level = 1
> > 	syslog = 0
> > 	log file = /var/log/samba/%m
> > 	max log size = 50
> > 	smb ports = 137 138 139 445
> > 	name resolve order = wins bcast hosts
> > 	time server = Yes
> > 	printcap name = cups
> > 	add user script = /usr/sbin/smbldap-useradd -m "%u"
> > 	add group script = /usr/sbin/smbldap-groupadd -p "%g"
> > 	add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
> > 	delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
> > 	set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
> > 	add machine script = /usr/sbin/smbldap-useradd -w "%u"
> > 	logon script = scripts\logon.bat
> > 	logon path = \\%L\profiles\%U
> > 	logon drive = H:
> > 	logon home = \\%L\%U
> > 	domain logons = Yes
> > 	os level = 95
> > 	preferred master = Yes
> > 	domain master = Yes
> > 	wins support = Yes
> > 	ldap admin dn = cn=admin,dc=cpe,dc=it
> > 	ldap delete dn = Yes
> > 	ldap group suffix = ou=Groups
> > 	ldap idmap suffix = ou=Idmap
> > 	ldap machine suffix = ou=Computers
> > 	ldap passwd sync = Yes
> > 	ldap suffix = dc=cpe,dc=it
> > 	ldap user suffix = ou=Users
> > 	idmap backend = ldap:ldap://ldap.cpe.it
> > 	idmap uid = 10000-200000
> > 	idmap gid = 10000-200000
> > 	winbind use default domain = Yes
> > 	printer admin = Administrator
> > 	map acl inherit = Yes
> > 
> > [netlogon]
> > 	comment = Network Logon Service
> > 	path = /home/dati/samba/netlogon/
> > 	browseable = No
> > 	locking = No
> > 	share modes = No
> > 
> > [profiles]
> > 	path = /home/dati/samba/profiles
> > 	valid users = %U
> > 	admin users = "@Domain Admins"
> > 	read only = No
> > 	guest ok = Yes
> > 	profile acls = Yes
> > 	case sensitive = No
> > 	preserve case = No
> > 	short preserve case = No
> > 	hide files = /desktop.ini/ntuser.ini/NTUSER.*/
> > 	browseable = No
> > 	csc policy = disable
> > 
> > [homes]
> > 	comment = Cartella Personale
> > 	valid users = %S
> > 	read only = No
> > 	hide files = /.bash*/.profile/
> > 	browseable = No
> > 
> > 
> >   
> > > Should be -S <servername>, not <domainname>.  If that doesn't help,
> > > you'll probably need to supply your smb.conf
> > > 
> > > Dale
> > >     
> > > > returns
> > > > 
> > > > Unable to find a suitable server
> > > > 
> > > >   
> > > >       
> > 
> >   


