[Samba] Winbind does not read uidNumber

steve steve at steve-ss.com
Mon Jun 30 03:04:34 MDT 2014


On Mon, 2014-06-30 at 09:56 +0200, Lars Hanke wrote:
> Working through the fresh checklist:
> 
> 1. DC smb.conf:
> 
> my smb.conf also has "idmap_ldb:use rfc2307 = yes" and was provisioned 
> with rfc2307. Is this a killer?
No, unless you wish to use the builtin winbind in samba.
> 
> 2. Client smb.conf:
> 
> looks good
> 
> 3. Database check:
> 
> no gidNumber here, add gidNumber: 10000
> 
> retried on the client, still no users
No. This is not within your domain range.
> 
> 4. check for local user
> 
> getent passwd | grep -i mgr has no hits on either machine. But to check 
> for local entries probably
> 
> grep -i user /etc/passwd
> 
> is more appropriate.
However you wish. Just make sure there is a unique domain user.
> 
> 5. uid and gid for the user entry
> 
> looks nice:
> 
> root at samba:/# ldbsearch -H /srv/files/private/sam.ldb sAMAccountName=mgr 
> uid uidNumber gidNumber
> # record 1
> dn: CN=Lars LH. Hanke,CN=Users,DC=ad,DC=microsult,DC=de
> uid: mgr
> uidNumber: 1001
> gidNumber: 1999
Contradicts with what you have for (3)
> 
> 5. keytab (double numbering!)
> 
> klist -k doesn't work, since Heimdal klist has no option -k. This is MIT 
> syntax, if I recall correctly.
OK. Remove the keytab and recreate it.





More information about the samba mailing list