[Samba] wbinfo -u Don't show users from trusted(ing) domain on domain member server

Wasil sub_wasil at mail.ru
Wed Mar 16 10:04:14 MDT 2011


Of course.
I can view own samba domain users.


Wed, 16 Mar 2011 08:58:48 -0700 письмо от Bob Miller <bob at computerisms.ca>:

> Hi,
> Did you join your DMS to the domain?
> 
> 
> 
> On Wed, 2011-03-16 at 12:35 +0300, Wasil wrote:
> > Hi, All!
> > 
> > I Have Samba (3.5.6) domain witch have trust relations with ADS (Named TEST)
> Win2008 (2008 domain mode)
> > On PDC all working very good.
> > I have also Domain Member server in my samba Domain.
> > When i trying type wbinfo -u, or  getent passwd on samba PDC (Named BINKLG)
> I see all, including ADS users.
> > When I trying do it on Domain Member Server I don't see users from ADS
> > Is it possible to view thats users (from trusted domain) on DMS (not BDC)?
> > 
> > Samba 3.5.6
> > 
> > after typing wbinfo -u:
> > 
> > suspicious strings in log files 
> > 
> > loglevel 10:
> > log.wb-TEST
> > [2011/03/16 10:55:56.466417, 10]
> winbindd/winbindd_util.c:1337(winbindd_can_contact_domain)
> >   winbindd_can_contact_domain: TEST is an AD domain and we have no inbound
> trust.
> > [2011/03/16 10:55:56.466470, 10] winbindd/winbindd_rpc.c:55(query_user_list)
> >   query_user_list: No incoming trust for domain TEST 
> > 
> > loglevel 3:
> > log.wb-TEST
> > [2011/03/16 11:07:23.731615,  3] winbindd/winbindd_cm.c:1633(connection_ok)
> >   connection_ok: Connection to KLG-PDC1 for domain BINKLG is not connected
> > [2011/03/16 11:07:23.731717,  3]
> winbindd/winbindd_cm.c:1736(set_dc_type_and_flags_trustinfo)
> >   set_dc_type_and_flags_trustinfo: No connection to our domain!
> > [2011/03/16 11:07:23.742157,  3] winbindd/winbindd_rpc.c:48(query_user_list)
> >   rpc: query_user_list 
> > 
> > smb.conf
> > [global]
> > workgroup = BINKLG
> > security = domain
> > netbios name = DW-DEBIAN
> > username map = /etc/samba/smbusers
> > log level= 10
> > syslog = 0
> > log file = /var/log/samba/%m
> > max log size = 0
> > #smb ports = 139
> > name resolve order = wins bcast hosts
> > wins server = xx.xx.xx.xx
> > idmap uid = 10000 - 20000
> > idmap gid = 10000 - 20000
> > template shell = /bin/bash
> > #winbind separator = +
> > realm = XXX.XXXX.XXX
> > encrypt passwords = yes
> > winbind use default domain = yes
> > winbind enum users = yes
> > winbind enum groups = yes
> > allow trusted domains = yes
> > winbind nested groups = yes
> > #client use spnego = no
> > password server = KLG-PDC1
> > 
> > nsswitch.conf 
> > passwd:         files ldap winbind
> > group:          files ldap winbind
> > shadow:         files ldap winbind 
> > hosts:          files wins dns
> > networks:       files
> > protocols:      db files
> > services:       db files
> > ethers:         db files
> > rpc:            db files
> > publickey:    nisplus
> > netgroup:       files 
> > 
> > libnss_ldap.conf
> > host xx.xx.xx.xx
> > base dc=xxx,dc=xxxxx,dc=xxx
> > binddn cn=Administrator,dc=xxx,dc=xxxxx,dc=xxx
> > bindpw xxxxxxx
> > timelimit 50
> > bind_timelimit 50
> > bind_policy hard
> > idle_timelimit 3600
> > pam_password exop
> > nss_base_passwd dc=xxx,dc=xxxxx,dc=xxx
> > nss_base_shadow dc=xxx,dc=xxxxx,dc=xxx
> > nss_base_group dc=xxx,dc=xxxxx,dc=xxx
> > ssl off 
> > 
> > Thank you,
> > Wasil.
> > 
> 
> Bob Miller
> 334-7117/660-5315
> http://computerisms.ca
> bob at computerisms.ca
> Network, Internet, Server,
> and Open Source Solutions



More information about the samba mailing list