[Samba] Samba 3.4 is unable to list users with getent and id (idmap_ad backend)
Alexander Födisch
foedisch at eva.mpg.de
Fri Sep 4 10:10:10 MDT 2009
The solution for me was a system reboot.
Regards,
Alex
Alexander Födisch schrieb:
> Hi,
>
> I have the same problem with samba 3.3.7:
>
> On a member server (samba 3.3.7-39) I can query users and groups with
> "wbinfo -u|-g" and "getent passwd|groups".
> Both tools are working fine. But "id <user>" or "getent passwd <user>"
> does not work.
>
> When connecting to a share, the authorization also fails with error
> "NT_STATUS_NO_SUCH_USER"
>
> my /etc/nsswitch.conf:
> passwd: compat winbind
> group: compat winbind
>
>
> Any ideas?
>
>
> Thanks,
> Alex
>
>
> Oliver Weinmann schrieb:
>> Dear All,
>>
>> I'm using Samba Version 3.2.6 under Solaris 8 with the following config:
>>
>> netbios name = pegasus
>> realm = REALM.NET
>> workgroup = REALM
>> security = ADS
>> encrypt passwords = yes
>> password server = *
>> os level = 20
>> socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
>> idmap backend = ad
>> idmap config REALM:schema_mode = sfu
>> winbind nss info = sfu
>> allow trusted domains = no
>> winbind enum users = no
>> winbind enum groups = no
>> preferred master = no
>> winbind nested groups = Yes
>> winbind use default domain = Yes
>> max log size = 50
>> log file = /var/log/samba/log.%m
>> dns proxy = no
>> wins server = 172.20.200.18 172.18.200.20
>> allow trusted domains = No
>> client use spnego = Yes
>> use kerberos keytab = true
>> winbind refresh tickets = yes
>>
>> This is working fine.
>> Recently I compiled Samba 3.4 for Solaris 10 and I just can't get it to
>> work with the idmap backend ad.
>>
>> Wbinfo -u and wbinfo -g show all my AD users but id username and getent
>> passwd username shows nothing. The logs don't show anything suspicious
>> except this error:
>>
>> lib/C.msg: No such file or directory
>>
>> I checked on the Solaris 8 box and this file doesn't exist either. So I
>> suspect it not the be the cause of the problem.
>>
>> I noticed that the smb.conf needed some adjustment in samba 3.3.2. I got
>> this working using:
>>
>> idmap config REALM : backend = ad
>> idmap config REALM : schema_mode = sfu idmap config REALM : range =
>> 0-99999999
>>
>> Instead of idmap backend = ad
>>
>> But with 3.4 I had no luck.
>>
>> This is what my current config on Samba 3.4 looks like:
>>
>> [global]
>> netbios name = Phobos
>> realm = REALM.NET
>> workgroup = REALM
>> security = ADS
>> encrypt passwords = yes
>> password server = *
>> os level = 20
>> #idmap backend = ad
>> idmap config REALM : backend = ad
>> idmap config REALM:schema_mode = sfu
>> idmap config REALM : range = 0-99999999
>> winbind nss info = sfu
>> winbind enum users = yes
>> winbind enum groups = yes
>> preferred master = no
>> winbind nested groups = Yes
>> winbind use default domain = Yes
>> max log size = 50
>> log file = /var/log/samba/log.%m
>> log level = 10
>> dns proxy = no
>> wins server = 172.20.200.18 172.18.200.20
>> allow trusted domains = no
>> client use spnego = Yes
>> #use kerberos keytab = true
>> winbind refresh tickets = yes
>>
>> Any help would be appreciated. If I can't get it working I might need to
>> get back using an older Version like 3.2.6.
>>
>> Regards,
>> Oliver
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5905 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20090904/b2ae6279/attachment.bin>
More information about the samba
mailing list