[Samba] help, please, troubleshooting winbind testing during setup of Samba 4 AD member server
L.P.H. van Belle
belle at bazuin.nl
Fri Jan 9 01:34:20 MST 2015
Hai,
Did you assign any UID/GID to users/groups in the AD.. i think not.
If No, please do so first else you wont see any output.
how : https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC
My advice use the windows ADUC to set the GID/UID
If Yes.. Ok.. thats strange,..
post your (sanitized) smb.conf
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: d3r3kshaw at gmail.com
>[mailto:samba-bounces at lists.samba.org] Namens BISI
>Verzonden: vrijdag 9 januari 2015 4:16
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] help, please, troubleshooting winbind
>testing during setup of Samba 4 AD member server
>
>Hello, all!
>
>Well, third time is *not* the charm for me. (I've been through the
>process 3 times with 3 different DCs).
>
>I am trying to set up a member server, using Samba 4.1.14, and washing
>out when getting to the winbind testing. I've tried ignoring
>the failure
>and pressing on, but that didn't get anywhere.
>
>In this instance, I have a freshly-installed, configured and
>functioning
>Server 2008r2 Domain Controller, operating at server 2003 forest and
>domain functional level.
>
>following the instructions in:
>https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
>https://wiki.samba.org/index.php/OS_Requirements
>
>
>Completely stock compile from the tarball. I am using Debian 7.7
>(wheezy), and samba 4.1.14,
>
>./configure --with-ads --with-shared-modules=idmap_ad --enable-cups \
> --enable-selftest
>
>make quicktest passes:
>make quicktest
> ...ALL OK (2086 tests in 310 testsuites)
>
> ...A summary with detailed information can be found in:
> ... ./st/summary
> ...'testonly' finished successfully (11m24.779s)
>
>./st/summary is found here:
>http://pastebin.com/zjkHDYUX
>
>
>daemons started manually with
>/usr/local/samba/sbin/smbd --daemon -l /var/log/samba/ -d 1
>/usr/local/samba/sbin/nmbd --daemon -l /var/log/samba/ -d 1
>/usr/local/samba/sbin/winbindd --daemon -l /var/log/samba/ -d 1
>
>
>The commands:
>wbinfo -u
>wbinfo -g
>show the users and groups from the AD Domain.
>
>but the other tests
># id DomainUser
># getent passwd
># getent group
># chown DomainUser:DomainGroup file
># chgrp DomainGroup file
>etc.
>do not get any information from the domain, seemingly only
>working with
>the local user information.
>
>Where do I begin troubleshooting?
>
>Any help/guidance is greatly appreciated.
>
>my smb.conf is here:
>http://pastebin.com/QJfh4RLN
>
>log.winbindd (created with debug level 1) is here:
>http://pastebin.com/S2maUADf
>
>Kerberos seems to be working:
>root at testmember:~# klist
>Ticket cache: FILE:/tmp/krb5cc_0
>Default principal: userID at HO.NAME.ORG
>
>Valid starting Expires Service principal
>08/01/2015 18:46 09/01/2015 04:46 krbtgt/HO.NAME.ORG at HO.NAME.ORG
> renew until 09/01/2015 18:46
>
>
>root at testmember:~# cat /etc/nsswitch.conf
># /etc/nsswitch.conf
>
>passwd: compat winbind
>group: compat winbind
>shadow: compat
><snip>
>
>DNS seems to be working:
>root at testmember:~# host -t SRV _ldap._tcp.ho.name.org.
>_ldap._tcp.ho.name.org has SRV record 0 100 389 namedc.ho.name.org.
>
>root at testmember:~# host -t SRV _kerberos._udp.ho.name.org.
>_kerberos._udp.ho.name.org has SRV record 0 100 88 namedc.ho.name.org.
>
>root at testmember:~# host -t A namedc.ho.name.org.
>namedc.ho.name.org has address 192.168.8.1
>
>Thanks in advance for any help!
>d.
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list