[Samba] Samba from source on CentOS 5 -- nsswitch woes

John Koelndorfer kdorf at cems.umn.edu
Tue Jun 30 18:44:32 GMT 2009 

Samba users,

I have compiled Samba 3.3.6 from the pristine sources on samba.org on a 
CentOS 5 machine. When I compiled Samba, CentOS's samba-common package 
was installed and specifying 'winbind' in /etc/nsswitch.conf allowed 
winbind to supply user information. For the sake of cleanliness and 
removing old libraries, I removed the samba-common package. Now, 
specifying 'winbind' in nsswitch.conf does nothing. What I mean exactly 
is that using `id domain_user` or `id MYDOMAIN+domain_user` both return 
"no such user." I can't authenticate as any users that winbind ought to 
recognize.

To start, here are my configure options:
./configure --prefix=/opt/samba/3.3.6 --with-ads --with-ldap 
--with-kerberos=/usr/kerberos --with-ldap --with-quotas --with-pam 
--with-configdir=/etc/samba --enable-nss-wrapper 
--with-pammodulesdir=/lib/security --disable-cups --enable-socket-wrapper

I have verified that winbindd is running. The machine in question is 
joined to our domain. `wbinfo -u` returns a full list of users. My 
smb.conf is using the same settings as when the samba-common package was 
installed. You can take a look at it here: 
http://pastebin.com/m1f241322. I ran testparm and it did not report any 
problems.

I have copied the libnss_winbind.so and libnss_wins.so to /lib/. I have 
also ensured pam_winbind.so and pam_wins.so were copied to 
/lib/security/. I added my /opt/samba/3.3.6/lib to /etc/ld.so.conf and 
ran ldconfig, which also did not help (figured maybe it had problems 
finding libraries).

Looking at the CentOS 5 samba-common package, it includes a few 
libraries (namely, it builds ad.so, which is symlinked as sfu.so and 
rfc2307.so) which are not built with the sources I downloaded. I assumed 
this was because it was an older Samba. Other than that, I can't 
possibly see what I might be missing.

Any assistance is greatly appreciated. If there is any additional 
information I can provide, please ask.

-- 
John Koelndorfer
CEMS IT Office

More information about the samba mailing list