[Samba] Samba + Winbind + Windows 2003 AD
Necos Secon
secon_kun at hotmail.com
Sun Jul 18 17:49:39 MDT 2010
I accidentally deleted the first set of messages in my email for this thread, but does your DNS resolve properly? What does your resolv.conf look like? Also, what do these files look like:
krb5.conf
smb.conf
There's an option in smb.conf, winbind enum users, which needs to be set in order for getent to function properly. There is a corresponding option for groups as well. Look at them and let us know.
> Date: Mon, 19 Jul 2010 01:12:41 +0200
> From: hds at semark.dk
> To: esiotrot at gmail.com
> CC: samba at lists.samba.org
> Subject: Re: [Samba] Samba + Winbind + Windows 2003 AD
>
> Hi Micheal
>
> Sorry for not sending that information in the first place, but I though
> that it was so basic that it wasn't necessary.
>
> My nsswitch.conf:
> # cat /etc/nsswitch.conf
> # /etc/nsswitch.conf
> #
> # Example configuration of GNU Name Service Switch functionality.
> # If you have the `glibc-doc-reference' and `info' packages installed, try:
> # `info libc "Name Service Switch"' for information about this file.
>
> passwd: compat winbind
> group: compat winbind
> shadow: compat winbind
>
> hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
> networks: files
>
> services: db files
> ethers: db files
> protocols: db files
> rpc: db files
>
> netgroup: nis
>
> I will mean that it is the way to do this (and it works just fine on the
> UNIX servers that run there own Domain Controller)
>
> Med Venlig Hilsen / Best Regards
> Henrik Dige Semark
>
> Den 18-07-2010 17:03, Michael Wood skrev:
> > On 18 July 2010 01:34, Henrik Dige Semark<hds at semark.dk> wrote:
> >
> >> Hey out there.
> >>
> >> I have to join my UNIX server with an existing Win2k3 AD network.
> >>
> >> My system info:
> >> Debian Lenny
> >> Samba - 3.4.8
> >> Winbind - 3.4.8
> >>
> >> Windows Server 2003 with 2000-style-AD
> >>
> >> My problem is that, I have en UNIX server that have to run auth up against
> >> our existing windows 2003 AD.
> >>
> >> I have successfully joined my UNIX server to the AD, without problems.
> >> # net ads join -U Administrator
> >> Enter Administrator's password:
> >> Using short domain name -- TEST
> >> Joined 'MAIL' to realm 'TEST.LOCAL'
> >>
> >> My Samba config: http://pastebin.com/ZqaA0Ypn
> >>
> >> After the join I'm able to lookup peoples with
> >> # wbinfo -u
> >>
> > [...]
> >
> >> # wbinfo -g
> >>
> > [...]
> >
> >> Now the problem, getent only returns the local users and not the users from
> >> the AD
> >> The funny thing is that if a user is local on the UNIX and in the AD, I can
> >> login with the password from both local and AD, so I know that it can lookup
> >> people and passwords
> >>
> >> # getent passwd hs ; echo $?
> >> 2
> >>
> >> When I debug on getent it returns 2, witch means that it can't find the
> >> user.
> >>
> > Do you have winbind specified in your nsswitch.conf file as mentioned here:
> >
> > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html#id2654732
> >
> >
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
More information about the samba
mailing list