[Samba] getent passwd fails inside freebsd jail using samba 3.4.14
Quinn Fissler
qfissler at gmail.com
Thu Sep 22 08:33:49 MDT 2011
Doing what you're doing is using the wrong machine name when making the
query.
I presume that ABPSVC-UNIX2 is your server and your client is in the jail
on that machine.
You'd need a separate configuration instead of a copy from the server so
that the jail appears to be a separate client.
I've never done this.
On 22 September 2011 15:09, Kamil Choudhury
<Kamil.Choudhury at anserinae.net>wrote:
> I've been messing around with running samba 3.4.14 inside a freebsd jail
> over
> the last couple of days, and am running into an odd problem where wbinfo -u
> and wbinfo -g succeed, but getent passwd fails (insofar that it shows only
> local users, but none of the domain users).
>
> Here's my smb.conf:
>
> [global]
>
> interfaces =192.168.0.16/32
> bind interfaces only =yes
> security =ads
> realm =domain.net
> password server =awpsvc-win1.domain.net
> workgroup =DOMAIN
> idmap uid =10000-20000
> idmap gid =10000-20000
> idmap config DOMAIN: backend = ad
> idmap config DOMAIN : range = 40000-60000
> winbind nss info =rfc2307
> winbind enum users =yes
> winbind enum groups =yes
> winbind nested groups =yes
> winbind expand groups =1
> template homedir =/home/%D/%U
> template shell =/usr/local/bin/bash
> client use spnego =yes
> client ntlmv2 auth =yes
> encrypt passwords =yes
> winbind use default domain =yes
> restrict anonymous =2
> acl check permissions =yes
> follow symlinks =yes
> wide links =yes
> unix extensions =no
>
> And my /etc/nsswitch.conf file:
>
> group: winbind files
> group_compat: nis
> hosts: files dns
> networks: files
> passwd: winbind files
> passwd_compat: nis
> shells: files
> services: compat
> services_compat: nis
> protocols: files
> rpc: files
>
> Doing a getent passwd results in the following output to log.winbindd:
>
> [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
> could not look up gid for group ExchangeLegacyInterop
> [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
> could not look up gid for group Schema Admins
> [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
> could not look up gid for group Enterprise Admins
> [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
> could not look up gid for group Enterprise Read-only Domain Controllers
> ...
>
> ...and the following in log.nbmd:
>
> [2011/09/22 00:29:46, 0] nmbd/nmbd_packets.c:1079(process_browse_packet)
> process_browse_packet: Discarding datagram from IP 192.168.0.16. Source
> name ABPSVC-UNIX2<00> is one of our names !
> [2011/09/22 00:29:46, 0] nmbd/nmbd_packets.c:1079(process_browse_packet)
> process_browse_packet: Discarding datagram from IP 192.168.0.16. Source
> name ABPSVC-UNIX2<00> is one of our names !
>
> The configuration is known to work *outside* a jail -- is there something
> I should be doing differently in order to get winbind to work cleanly?
>
> Thanks in advance,
> Kamil
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list