[Samba] Samba 4 / idmap / NIS / winbind
Rowland Penny
rowlandpenny at googlemail.com
Sat Jun 7 14:35:16 MDT 2014
On 07/06/14 21:31, Vogel, Sven wrote:
> Hi,
>
> how can i get work Samba 4 Sernet 4.1.7 correctly with NIS. Ist provisioned with rfc2307.
>
> When i query a User withi get the following.
>
> getent passwd testswi
> SWI\testswi:*:10000:100:testswi:/home/SWI/testswi:/bin/false
>
> I want to change /bin/false to a other value /bin/bash
>
> I tried many things to change the value.
>
> 1. ldbedit -e vim -H /var/lib/samba/private/sam.ldb samaccountname=testswi
> i added "loginShell = /bin/bash" and got
>
> ----------------------------------------------------------------------------------------------------------------------------
> # record 1
> dn: CN=testswi,OU=Benutzer,OU=SWI,DC=swi,DC=local
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> cn: testswi
> givenName: testswi
> instanceType: 4
> whenCreated: 20140530142421.0Z
> displayName: testswi
> uSNCreated: 12359
> name: testswi
> objectGUID: d6ebbae7-8ec0-4a89-828d-58c10a7c9f99
> userAccountControl: 66048
> codePage: 0
> countryCode: 0
> pwdLastSet: 130459334610000000
> primaryGroupID: 513
> objectSid: S-1-5-21-1143642306-2581635645-836595807-1605
> accountExpires: 9223372036854775807
> sAMAccountName: testswi
> sAMAccountType: 805306368
> userPrincipalName: testswi at swi.local
> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=swi,DC=local
> loginShell: /bin/bash
> whenChanged: 20140605153458.0Z
> uSNChanged: 13969
> distinguishedName: CN=testswi,OU=Benutzer,OU=SWI,DC=swi,DC=local
> ----------------------------------------------------------------------------------------------------------------------------
>
> nothing changed always /bin/false when i use getent passwd ...
>
> 2. i tried the the Windows Remote Administration Tools and the Unix tab in Windows
>
> I added NIS Domain, UID, GID, home and login shell but also nothing changed... i got the following
>
> # record 1
> dn: CN=testswi,OU=Benutzer,OU=SWI,DC=swi,DC=local
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> cn: testswi
> givenName: testswi
> instanceType: 4
> whenCreated: 20140530142421.0Z
> displayName: testswi
> uSNCreated: 12359
> name: testswi
> objectGUID: d6ebbae7-8ec0-4a89-828d-58c10a7c9f99
> userAccountControl: 66048
> codePage: 0
> countryCode: 0
> pwdLastSet: 130459334610000000
> primaryGroupID: 513
> objectSid: S-1-5-21-1143642306-2581635645-836595807-1605
> accountExpires: 9223372036854775807
> sAMAccountName: testswi
> sAMAccountType: 805306368
> userPrincipalName: testswi at swi.local
> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=swi,DC=local
> loginShell: /bin/bash
> whenChanged: 20140607194437.0Z
> uSNChanged: 14355
> unixUserPassword: ABCD!efgh12345$67890
> uid: testswi
> msSFU30Name: testswi
> msSFU30NisDomain: swi
> uidNumber: 10000
> gidNumber: 100
> unixHomeDirectory: /home/testswi
> distinguishedName: CN=testswi,OU=Benutzer,OU=SWI,DC=swi,DC=local
>
> when i use getent passwd testswi i always get the same as above. /bin/false
>
> Questions.
>
> Is that a problem from winbind in samba 4 that not all thing will correctly set or supported? W
>
> Where get getent passwd ... the information from? I know ist winbind but whats wrong?
>
> I read about some user they use sssd or nlcd. Is that the solution for samba 4?
>
> I am confused. Anyone who can explain that?
>
> Thanks for help
>
> Sven Vogel
>
>
HI, add 'template shell = /bin/bash' to smb.conf and restart samba, or
add the required RFC2307 attributes to the users and groups.
Rowland
More information about the samba
mailing list