[Samba] getent passwd fails inside freebsd jail using samba 3.4.14

Quinn Fissler qfissler at gmail.com
Thu Sep 22 08:33:49 MDT 2011 

Doing what you're doing is using the wrong machine name when making the
query.

I presume that ABPSVC-UNIX2 is your server and your client is in the jail
on that machine.

You'd need a separate configuration instead of a copy from the server so
that the jail appears to be a separate client.

I've never done this.



On 22 September 2011 15:09, Kamil Choudhury
<Kamil.Choudhury at anserinae.net>wrote:

> I've been messing around with running samba 3.4.14 inside a freebsd jail
> over
> the last couple of days, and am running into an odd problem where wbinfo -u
> and wbinfo -g succeed, but getent passwd fails (insofar that it shows only
> local users, but none of the domain users).
>
> Here's my smb.conf:
>
> [global]
>
> interfaces                 =192.168.0.16/32
> bind interfaces only       =yes
> security                   =ads
> realm                      =domain.net
> password server            =awpsvc-win1.domain.net
> workgroup                  =DOMAIN
> idmap uid                  =10000-20000
> idmap gid                  =10000-20000
> idmap config DOMAIN: backend = ad
> idmap config DOMAIN     : range   = 40000-60000
> winbind nss info           =rfc2307
> winbind enum users         =yes
> winbind enum groups        =yes
> winbind nested groups      =yes
> winbind expand groups      =1
> template homedir           =/home/%D/%U
> template shell             =/usr/local/bin/bash
> client use spnego          =yes
> client ntlmv2 auth         =yes
> encrypt passwords          =yes
> winbind use default domain =yes
> restrict anonymous         =2
> acl check permissions      =yes
> follow symlinks            =yes
> wide links                 =yes
> unix extensions            =no
>
> And my /etc/nsswitch.conf file:
>
> group: winbind files
> group_compat: nis
> hosts: files dns
> networks: files
> passwd: winbind files
> passwd_compat: nis
> shells: files
> services: compat
> services_compat: nis
> protocols: files
> rpc: files
>
> Doing a getent passwd results in the following output to log.winbindd:
>
> [2011/09/22 00:22:00,  1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
>  could not look up gid for group ExchangeLegacyInterop
> [2011/09/22 00:22:00,  1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
>  could not look up gid for group Schema Admins
> [2011/09/22 00:22:00,  1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
>  could not look up gid for group Enterprise Admins
> [2011/09/22 00:22:00,  1] winbindd/winbindd_group.c:1366(winbindd_getgrent)
>  could not look up gid for group Enterprise Read-only Domain Controllers
> ...
>
> ...and the following in log.nbmd:
>
> [2011/09/22 00:29:46,  0] nmbd/nmbd_packets.c:1079(process_browse_packet)
>  process_browse_packet: Discarding datagram from IP 192.168.0.16. Source
> name ABPSVC-UNIX2<00> is one of our names !
> [2011/09/22 00:29:46,  0] nmbd/nmbd_packets.c:1079(process_browse_packet)
>  process_browse_packet: Discarding datagram from IP 192.168.0.16. Source
> name ABPSVC-UNIX2<00> is one of our names !
>
> The configuration is known to work *outside* a jail -- is there something
> I should be doing differently in order to get winbind to work cleanly?
>
> Thanks in advance,
> Kamil
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list