[Samba] getent passwd fails inside freebsd jail using samba 3.4.14
Kamil Choudhury
Kamil.Choudhury at anserinae.net
Thu Sep 22 08:09:17 MDT 2011
I've been messing around with running samba 3.4.14 inside a freebsd jail over
the last couple of days, and am running into an odd problem where wbinfo -u
and wbinfo -g succeed, but getent passwd fails (insofar that it shows only
local users, but none of the domain users).
Here's my smb.conf:
[global]
interfaces =192.168.0.16/32
bind interfaces only =yes
security =ads
realm =domain.net
password server =awpsvc-win1.domain.net
workgroup =DOMAIN
idmap uid =10000-20000
idmap gid =10000-20000
idmap config DOMAIN: backend = ad
idmap config DOMAIN : range = 40000-60000
winbind nss info =rfc2307
winbind enum users =yes
winbind enum groups =yes
winbind nested groups =yes
winbind expand groups =1
template homedir =/home/%D/%U
template shell =/usr/local/bin/bash
client use spnego =yes
client ntlmv2 auth =yes
encrypt passwords =yes
winbind use default domain =yes
restrict anonymous =2
acl check permissions =yes
follow symlinks =yes
wide links =yes
unix extensions =no
And my /etc/nsswitch.conf file:
group: winbind files
group_compat: nis
hosts: files dns
networks: files
passwd: winbind files
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
Doing a getent passwd results in the following output to log.winbindd:
[2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
could not look up gid for group ExchangeLegacyInterop
[2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
could not look up gid for group Schema Admins
[2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
could not look up gid for group Enterprise Admins
[2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
could not look up gid for group Enterprise Read-only Domain Controllers
...
...and the following in log.nbmd:
[2011/09/22 00:29:46, 0] nmbd/nmbd_packets.c:1079(process_browse_packet)
process_browse_packet: Discarding datagram from IP 192.168.0.16. Source name ABPSVC-UNIX2<00> is one of our names !
[2011/09/22 00:29:46, 0] nmbd/nmbd_packets.c:1079(process_browse_packet)
process_browse_packet: Discarding datagram from IP 192.168.0.16. Source name ABPSVC-UNIX2<00> is one of our names !
The configuration is known to work *outside* a jail -- is there something
I should be doing differently in order to get winbind to work cleanly?
Thanks in advance,
Kamil
More information about the samba
mailing list