[Samba] Samba3 File Server + Winbind -- AD Authentication Flaky/Inconsistent/Unreliable

Michael Ray mray at xes-inc.com
Fri Jan 25 15:21:07 MST 2013

Hey all, 

So, there are about a billion guides on the interwebs about how to have a samba3 file share authenticate against a samba4 AD. 

However, I am having two giant problems: one problem is that my problems are not consistent and the second problem is that it isn't working (presently). 

Long, sad story in a nut shell: my co-worker and I had spent several hours Monday/Tuesday futzing with this to work and at one point had it working. wbinfo -u, wbinfo -g, getent passwd and getent group were all returning local and AD users/groups. The world was wonderful. A snapshot of that working VM was taken the following morning (the **only** thing that happened to that VM between it working and the snapshot being taken was it was shutdown). 

When I fired it up today though, it did not work. wbinfo still gave AD info, but getent just would not have it. I restored to the snapshot just to be sure nothing had happened and the same issue persisted. 

I checked the various logs and I did not see any errors of any kind. 

This is a link to pastebin that shows my configuration files for krb5, nsswitch and smb as they were saved the morning after I got this working. 

I do not know what could have gone wrong, but it has. I will be trying to go through my documented procedure on Monday with a clean VM and then trying it with various random internet procedures if that fails. 

Any ideas / clues as to what blew up would be appreciated, as well as links to guides that people have used successfully. 

Thanks much, 
Mike Ray 

More information about the samba mailing list