[Samba] Trying to get uid and gid to match and getent to work

phwashington at tx.rr.com phwashington at tx.rr.com
Fri Nov 7 17:24:50 GMT 2008 

---- phwashington at tx.rr.com wrote: 
> I am using the following in my smb.conf on samba-3.0.28-0.el5.8
> 
>         idmap domains = MYDOMAIN
>         idmap config MYDOMAIN:backend        = rid
>         idmap config MYDOMAIN:base_rid       = 998
>         idmap config MYDOMAIN:range          = 998 - 49999
>         idmap uid = 998-20000
>         idmap gid = 998-20000
>         template homedir = /home/users/%U
> #       template primary group = "Domain Users"
>         template shell = /bin/bash
>         winbind separator = +
> ;       winbind use default domain = Yes
>         winbind enum users = yes
>         winbind enum groups = yes
> 
> The problem was first noticed when we connected to another member server and noticed that all of the usernames and groups were different.
> During trouble shooting we noticed that wbinfo was reporting the list of users but getent was not check libnss_winbind.so
> We just copied it to every directory we thought it might be looking
> 
> /lib/libnss_winbind.so
> /lib64/libnss_winbind.so
> /lib64/libnss_winbind.so.2
> /lib64/security/pam_winbind.so
> /usr/lib/libnss_winbind.so
> /usr/lib64/libnss_winbind.so
> /usr/lib64/nss/libnss_winbind.so
> /usr/lib64/nss/libnss_winbind.so.2
> /usr/lib64/pppd/2.4.4/winbind.so
> 
> Deleted the /var/cache/samba/winbind_cache.tdb
> and  winbindd_idmap.tdb
> 
> after restarting winbind and samba the winbindd_idmap.tdp did not reappear.
> and getent was still not working.
> 
> Also seeing the following error when restart winbind
> 
> Nov  6 11:57:58 localhost winbindd[21350]: [2008/11/06 11:57:58, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache(2230) 
> Nov  6 11:57:58 localhost winbindd[21350]:   initialize_winbindd_cache: clearing cache and re-creating with version number 1 
> Nov  6 11:57:58 localhost winbindd[21351]: [2008/11/06 11:57:58, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_ntlmssp_internal(2363) 
> Nov  6 11:57:58 localhost winbindd[21351]:   cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ACCESS_DENIED 
> 
Okay, I was able to get getent to work.
had to go back to ldconfig to get the library files to load the variants of libnss_winbind.

So now am trying to get it to allow domain users to login and get the uid's and gid's to match across servers.

More information about the samba mailing list