[Samba] getent not listing ADS users ctdb samba
Evan Koutsandreou
e.koutsandreou at optusnet.com.au
Tue Jun 3 09:09:02 GMT 2008
Hi,
I am setting up ctdb samba, and have hit a brick wall trying to solve the
following issue.
1. getent does not retrieve the list of domain users or groups (wbinfo
works fine)
I'm not sure what I'm missing but I've almost spent the whole day trying to
resolve this one and haven't made any progress :-(
Any help or suggestions are appreciated
My configuration is as follows
Installed pre-built RHEL binaries from ctdb.samba
ctdb-1.0-41.src.rpm
ctdb-1.0-41.x86_64.rpm
ctdb-debuginfo-1.0-41.x86_64.rpm
samba-3.0.25-ctdb.16.src.rpm
samba-3.0.25-ctdb.16.x86_64.rpm
samba-client-3.0.25-ctdb.16.x86_64.rpm
samba-common-3.0.25-ctdb.16.x86_64.rpm
samba-debuginfo-3.0.25-ctdb.16.x86_64.rpm
samba-doc-3.0.25-ctdb.16.x86_64.rpm
samba-swat-3.0.25-ctdb.16.x86_64.rpm
samba-winbind-32bit-3.0.25-ctdb.16.i386.rpm
SMB.CONF
[global]
workgroup = PLANET
realm = PLANET.AD
netbios name = CTDBSAMBA
server string = CTDB Samba Server
security = ADS
private dir = /gpfs/gpfs0/SMBDconfig
log file = /usr/local/samba/var/log.%m
max log size = 50
clustering = Yes
dns proxy = No
ldap ssl = no
idmap backend = tdb2
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /usr/spool/samba
printable = Yes
browseable = No
[GPFSGLOBAL]
comment = "GPFS Global Share"
path = /gpfs/gpfs0/GLOBALSHARE
read only = No
force unknown acl user = Yes
vfs objects = gpfs
nfs4:acedup = merge
nfs4:chown = yes
nfs4:mode = special
gpfs:sharemodes = No
fileid:mapping = fsname
KRB5.CONF
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = PLANET.AD
[realms]
PLANET.AD = {
kdc = msad2k3.planet.ad
admin_server = msad2k3
}
[domain_realm]
.msad2k3.planet.ad = PLANET.AD
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
NSSWITCH.CONF
passwd: files winbind
shadow: files
group: files winbind
SYSTEM-AUTH
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
### WINBIND AUTH ###
auth sufficient /lib/security/pam_winbind.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
### WINBIND AUTH ###
account sufficient /lib/security/pam_winbind.so
account required pam_unix.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass
use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond
quiet use_uid
session required pam_unix.so
More information about the samba
mailing list