[Samba] samba 3.5.6, winbindd and getent/id
Christopher Chan
christopher.chan at bradbury.edu.hk
Thu Dec 2 03:02:14 MST 2010
On Thursday, December 02, 2010 03:38 PM, Eugene M. Zheganin wrote:
> Hi.
>
> I'm using samba to authenticate squid users in Windows AD, and to
> provide 'em some statistics on the Internet usage. As this requires the
> existence of windows users in Unix environment, I use nsswitch.conf and
> nss_winbind.so to map users in Unix environment via samba as domain
> member (security = ads) and its winbindd daemon.
>
> As of samba 3.5.6 I'm expiriencing some major problems with it. To be
> exact, neither id nor getent passwd don't work (allthough the squid
> authentication is working perfectly even for windows-only users). For
> providing some statistics I need them to work.
>
> How can I debug this ? I'm using the same config on 3.0.x, 3.4.9 and on
> 3.5.6.
> wbinfo -t gives me all ok.
> wbinfo -g / wbinfo -u give me empty list regardless of the setting
> "winbind enum group/users".
wbinfo -u/-g should work if the configuration is correct. At least they
work for me on 3.5.4. What are your idmap settings?
For me, getent group works but not getent passwd. However, id does work
for mapped accounts.
>
> The only error I see in logs (except those about PROBE domain) is that
> winbindd cannot open /usr/local/lib/samba/passdb.so. Indeed, this file
> doesn't exist, but it also doesn't exist on 3.4.9 where all is fine.
>
> Is my problem related to it ?
>
> I dont' see any other errors in logfiles on debug level 10 ('grep -i
> error', 'grep -i failed' gives nothing).
>
You might want to look in/tail log.winbindd, log.winbindd-idmap and see
what is going on when you issue a winbind -u/-g.
More information about the samba
mailing list