[Samba] wbinfo messed up (was Re: Anyone try 'ssh server" and get "Password for DOMAIN\USER:>>")
samba at tlinx.org
Fri Jun 25 13:59:17 MDT 2010
Gaiseric Vandal wrote:
> IS the Samba server the PDC? Do you have local unix accounts on it?
> I might be wrong but couldn't you modify /etc/nsswitch.conf to use
> passwd: files winbind
> group: files winbind
I tried this -- but then I couldn't log in at all!
I'm thinking my winbind is screwy -- that may be all or part of the problem.
> wbinfo -u shows: lindaw (my user name)
wbinfo -n lindaw returns: (expected)
S-1-5-21-33333-77777-33333-80026 SID_USER (1)
wbinfo -i lindaw" says: "Could not get info for user lindaw"
wbinfo --own-domain returns: "BLISS"
wbinfo --ping-dc returns: "checking the NETLOGON dc connection succeeded"
wbinfo --dsgetdcname=BLISS returns:
"Could not find dc for BLISS"
Could not get group SIDs for user SID S-1-5-21-33333-77777-33333-80026
So It has partial information, but can't give info on me, can't verify
passwords, can't give groups, but maps user id's...
It DOESN'T show the same groups as "net rpc groups list" -- it shows
a *fraction* of what the net command shows -
net rpc groups list shows 20 groups,
wbinfo -g shows 8.
Should these be close? or the same?
How can they be out of sync and if they should be the same, how
do I resync them?
Net groups shows the correct listing.
> On 06/25/2010 01:12 AM, L. A. Walsh wrote:
>> I'm trying to use 'ssh' as a domain user from a workstation into my
>> When I ssh as a non-domain user, it doesn't tack on a domain (or
>> name, so it just works, but when I log in from from my Samba domain,
>> it tacks it on (and the linux security stuff doesn't like "domain\"
>> Should the pam_winbind module be able to authenticate this type of
>> user name against the domain?
>> If not, is there a module that does?
More information about the samba