[Samba] Samba + Winbind + Windows 2003 AD

Henrik Dige Semark hds at semark.dk
Sun Jul 18 17:12:41 MDT 2010


Hi Michael

Sorry for not sending that information in the first place, but I thought 
that it was so basic that it wasn't necessary.

My nsswitch.conf:
# cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat winbind
group:          compat winbind
shadow:         compat winbind

hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
networks:       files

services:       db files
ethers:         db files
protocols:      db files
rpc:            db files

netgroup:       nis

I would think that this is the way to do it (and it works just fine on the 
UNIX servers that run their own Domain Controller).

Best Regards
Henrik Dige Semark

On 18-07-2010 17:03, Michael Wood wrote:
> On 18 July 2010 01:34, Henrik Dige Semark<hds at semark.dk>  wrote:
>    
>> Hey out there.
>>
>> I have to join my UNIX server with an existing Win2k3 AD network.
>>
>> My system info:
>> Debian Lenny
>> Samba   - 3.4.8
>> Winbind - 3.4.8
>>
>> Windows Server 2003 with 2000-style-AD
>>
>> My problem is that I have a UNIX server that has to run auth up against
>> our existing Windows 2003 AD.
>>
>> I have successfully joined my UNIX server to the AD, without problems.
>> # net ads join -U Administrator
>> Enter Administrator's password:
>> Using short domain name -- TEST
>> Joined 'MAIL' to realm 'TEST.LOCAL'
>>
>> My Samba config: http://pastebin.com/ZqaA0Ypn
>>
>> After the join I'm able to look up people with
>> # wbinfo -u
>>      
> [...]
>    
>> # wbinfo -g
>>      
> [...]
>    
>> Now the problem: getent only returns the local users and not the users from
>> the AD.
>> The funny thing is that if a user is local on the UNIX and in the AD, I can
>> log in with the password from both local and AD, so I know that it can look up
>> people and passwords.
>>
>> # getent passwd hs ; echo $?
>> 2
>>
>> When I debug on getent it returns 2, which means that it can't find the
>> user.
>>      
> Do you have winbind specified in your nsswitch.conf file as mentioned here:
>
> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html#id2654732
>
>    
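
Michael's question (is winbind listed in nsswitch.conf, and can a lookup actually reach it) can be checked mechanically. The script below is an added example, not part of the thread or of Samba; the function names are hypothetical and the sample input is a constructed copy of the nsswitch.conf lines quoted in the post. It goes slightly beyond the thread by also handling `[NOTFOUND=return]` actions, which can cut off a service that is listed.

```shell
#!/bin/sh
# Added example. sample_nsswitch, nss_reach and audit_winbind are hypothetical names.

# Constructed copy of the nsswitch.conf lines quoted in the post.
sample_nsswitch() {
cat <<'EOF'
# /etc/nsswitch.conf
passwd:         compat winbind
group:          compat winbind
shadow:         compat winbind

hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
networks:       files
netgroup:       nis
EOF
}

# nss_reach DB SERVICE  (reads nsswitch.conf text on stdin) prints:
#   reachable - SERVICE is listed with no [NOTFOUND=return] in front of it
#   gated     - SERVICE is listed, but after a [NOTFOUND=return] action, so it
#               is skipped whenever the preceding service answers NOTFOUND
#   missing   - SERVICE is not listed for DB, or DB has no line at all
nss_reach() {
    awk -v db="$1" -v svc="$2" '
        { sub(/#.*/, ""); sub(/:/, ": ") }      # drop comments, split "db:src"
        $1 == db ":" {
            found = 1; state = "missing"; cut = 0; inact = 0
            for (i = 2; i <= NF; i++) {
                t = toupper($i)
                if (inact || t ~ /^\[/) {       # inside [STATUS=action ...]
                    sub(/^\[/, "", t)
                    if (t ~ /^NOTFOUND=RETURN/) cut = 1
                    inact = (t !~ /\]$/)        # action list may span tokens
                    continue
                }
                if ($i == svc) { state = (cut ? "gated" : "reachable"); break }
            }
        }
        END { print (found ? state : "missing") }
    '
}

# Report the account databases that getent passwd / getent group depend on.
audit_winbind() {
    conf=$(cat)
    for db in passwd group; do
        echo "$db $(printf '%s\n' "$conf" | nss_reach "$db" winbind)"
    done
}

sample_nsswitch | audit_winbind
```

For the file in the post both databases report `reachable`, so the lookup order itself does not exclude winbind. On a live host, feed it the real file with `audit_winbind < /etc/nsswitch.conf`.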

