[Samba] SAMBA 4 Member Server - Help please
d3r3kshaw at gmail.com
Sun Jan 18 19:32:12 MST 2015
On 15-01-15 11:13 AM, David Thompson wrote:
> No, I was adding their info to ADUC before as well before I sent this email to the list.
so things (getent passwd, etc) started working after you added sssd?
could you spare a moment and save me a whole bunch of search time and
provide me with the references you used?
For the record -- the issue last week started with a samba ad-dc, was
repeated with a test windows AD-DC and apparently solved with addition
of the IdMU service (and NIS info) on the windows AD-DC (the
maybe-equivalent of adding the NIS info via ADUC to a samba AD-DC), and
has now arisen again with a different test windows AD-DC with (90%
certainty) the same configuration as the first test windows AD-DC. In
the two windows AD-DC cases it is the same member server having the issue.
In other words, where once "id domainUser" "getent password" didn't
work, then worked after modifying the server, they no longer work with a
new server that had the modifications made when it was built.
so please, if your clown college classes aren't to consuming, please
drop me a line with the links!
> Rowland Penny <rowlandpenny at googlemail.com> , 1/15/2015 1:46 PM:
> On 15/01/15 18:33, David Thompson wrote:
>> Hi all,
>> After being pointed towards the sssd service, I setup and configured it and it appears to be running just fine. I can lookup my users and groups properly now once I add their information in the UNIX tab section in AD.
> So you are *now* adding their info via ADUC, that will be why winbind
> didn't work for you.
>> Thank you all to help me get where I am now. I can now continue to work and set this up. I am sure I will have more questions moving forward, but this mailing list has been a great resource, and hopefully one day I can contribute to it as opposed to just asking questions.
>> Off to clown college now.
>> Peter Serbe <peter at serbe.ch> , 1/15/2015 5:36 AM:
>>> If wbinfo -u does show users, but getent passwd does not, this
>>> is likely your problem.
>> Not necessarily. Try getent passwd administrator. If this works
>> for all Your users, then it is just sssd not enumerating all the
>> users, which does no harm at all. If getent passwd user does not
>> retrieve the user information, then something is broken indeed.
>> The next thing would be to check sssd. Does it start? Is the
>> keytab not outdated? Do a kinit -k /etc/krb5.keytab. If this
>> isn't working generate a new keytab.
>> To unsubscribe from this list go to the following URL and read the
>> instructions: Â https://lists.samba.org/mailman/options/samba
> To unsubscribe from this list go to the following URL and read the
> instructions: Â https://lists.samba.org/mailman/options/samba
More information about the samba