[Samba] solaris9+winbind+getent

return of foo rumblesnort at gmail.com
Tue Jan 8 14:53:09 GMT 2008

I've searched the mailing list archives and google and seen quite a bit of
this with no solutions.  Was hoping to reach out here and find someone who
has this working.
1.  Solaris 9 (sparc)
2.  Samba 3.0.28
3.  ADS enabled, trying to integrate with a Win2k AD setup

wbinfo works great.  I can pull all the groups/users just fine.  I've read
where we need to kill the nscd daemon, done and no difference.  Does anyone
have all this working on Solaris 9?  I had to download/compile latest
kerberos (MIT), openldap, etc, and we have everything working great on our
linux machines.  'getent group' comes up with just the local groups.

login   auth requisite          pam_authtok_get.so.1
login   auth required           pam_dhkeys.so.1
login   auth required           pam_unix_auth.so.1
login   auth required           pam_dial_auth.so.1
login   auth optional           /usr/lib/security/pam_winbind.so

rlogin  auth sufficient         pam_rhosts_auth.so.1
rlogin  auth requisite          pam_authtok_get.so.1
rlogin  auth required           pam_dhkeys.so.1
rlogin  auth required           pam_unix_auth.so.1
rlogin  auth optional           /usr/lib/security/pam_winbind.so

rsh     auth sufficient         pam_rhosts_auth.so.1
rsh     auth required           pam_unix_auth.so.1

ppp     auth requisite          pam_authtok_get.so.1
ppp     auth required           pam_dhkeys.so.1
ppp     auth required           pam_unix_auth.so.1
ppp     auth required           pam_dial_auth.so.1

other   auth requisite          pam_authtok_get.so.1
other   auth required           pam_dhkeys.so.1
other   auth required           pam_unix_auth.so.1
other   auth optional           /usr/lib/security/pam_winbind.so

passwd  auth required           pam_passwd_auth.so.1

cron    account required        pam_projects.so.1
cron    account required        pam_unix_account.so.1

other   account requisite       pam_roles.so.1
other   account required        pam_projects.so.1
other   account required        pam_unix_account.so.1
other   account sufficient      /usr/lib/security/pam_winbind.so

other   session required        pam_unix_session.so.1
other   session sufficient      /usr/lib/security/pam_winbind.so

other   password required       pam_dhkeys.so.1
other   password requisite      pam_authtok_get.so.1
other   password requisite      pam_authtok_check.so.1
other   password required       pam_authtok_store.so.1

#rlogin         auth optional           pam_krb5.so.1 try_first_pass
#login          auth optional           pam_krb5.so.1 try_first_pass
#other          auth optional           pam_krb5.so.1 try_first_pass
#cron           account optional        pam_krb5.so.1
#other          account optional        pam_krb5.so.1
#other          session optional        pam_krb5.so.1
#other          password optional       pam_krb5.so.1 try_first_pass

passwd:     files winbind
group:      files winbind

# You must also set up the /etc/resolv.conf file for DNS name
# server lookup.  See resolv.conf(4).
hosts:      files dns wins
ipnodes:    files wins
# Uncomment the following line and comment out the above to resolve
# both IPv4 and IPv6 addresses from the ipnodes databases. Note that
# IPv4 addresses are searched in all of the ipnodes databases before
# searching the hosts databases. Before turning this option on, consult
# the Network Administration Guide for more details on using IPv6.
#ipnodes:   files dns

networks:   files winbind
protocols:  files winbind
rpc:        files winbind
ethers:     files
netmasks:   files winbind
bootparams: files
publickey:  files
# At present there isn't a 'files' backend for netgroup;  the system will
#   figure it out pretty quickly, and won't use netgroups at all.
netgroup:   files winbind
automount:  files windbind
aliases:    files
services:   files
sendmailvars:   files
printers:       user files

auth_attr:  files
prof_attr:  files
project:    files

Thanks in advance..

More information about the samba mailing list