[Samba] Samba 3.6.0: unable to list Active Directoy users "WBC_ERR_DOMAIN_NOT_FOUND"
John H Terpstra
jht at samba.org
Fri Aug 19 05:51:48 MDT 2011
On 08/19/2011 03:54 AM, David Touzeau wrote:
> Le jeudi 18 août 2011 à 13:26 +0200, Benedikt Schindler a écrit :
>
>> Am 18.08.2011 06:07, schrieb John H Terpstra:
>>> On 08/17/2011 02:05 PM, David Touzeau wrote:
>>>> I think this new version is not really ready for production...
>>>> There is so many strange things... Or misunderstanding whats going wrong
>>>
>>> I respect that some may be experiencing difficulties with deployment of
>>> Samba 3.6.0.
>>>
>>> I have been using 3.6.0 in its various pre-release forms (and now the
>>> stable release) for many months without a single problem. I have
>>> deployed it in some very complex as well as some simple configurations -
>>> all without any issues.
>>>
>>> The purpose of this response is to point out that Samba 3.6.0 is perhaps
>>> not as "not really ready" for production use readers of this list may
>>> interpret from these reports.
>>>
>>> Cheers,
>>> John T.
>>>
>>>>
>>>> Le lundi 15 août 2011 à 14:07 -0700, Linda W a écrit :
>>>>
>>>>>
>>>>>
>>>>> ` Peacock,Josh wrote:
>>>>>> I am also experiencing the same problems. I am running 3.6 on AIX
>>>>>> 6.1. I do have a 3.5.8 installation running without problem (I
>>>>>> understand some major changes have happened.) I took the smb.conf
>>>>>> from my 3.5.8 install and changed appropriately for 3.6 (At least as
>>>>>> far as I catell).
>>>>>>
>>>>> ----
>>>>> Yeah, I still have this error even after downgrading to 3.5.10 --
>>>>> I think 3.6 corrupted my userdb or changed the format... I suppose
>>>>> I need to allocate a new one and start from scratch to fix it...
>>>>>
>>>>> But lots of problems related to looking up the domain, the
>>>>> PDC and some users.
>>>>>
>>>>> I did try to report it, but since I wasn't certain what was going on and
>>>>> just had a bunch of random symptoms, I got ignored.
>>>>>
>>>>> But I did warn them that other users would likely have problems and
>>>>> should
>>>>> be warned... That was ignored too..
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>> I had the same error until today. It works for me with base_rid = 0
>>
>> TRY:
>>
>> idmap config MYDOMAIN : backend = rid
>> idmap config MYDOMAIN : range = 60000-50000000
>> idmap config MYDOMAIN : base_rid = 0
>>
>>
>>
>> --
>> Benedikt
>
>
> i have set
> idmap config MYDOMAIN : backend = ad
>
> Is there any difference using
>
> idmap config MYDOMAIN : backend = rid
>
> instead
>
> idmap config MYDOMAIN : backend = ad
>
> When using Active Directory ?
>
>
>
>
Check the man pages (man idmap_rid) and (man idmap_ad):
The RID method generates the uid/gid from the RID. As a result all users
in Active Directory can access the Samba server.
The AD method requires the use of the RFC2307bis extensions to the
Active Directory schema and that you populate the uid and gid in with
valid values using the Active Directory Users and Group management tool.
If you have not populated the RFC2307bis uid/gid values the user will
not be able to access the Samba server.
Using the AD method the systems administrator has control over which
users can and cannot access the Samba server/s.
- John T.
More information about the samba
mailing list