[Samba] wbinfo fails: Error looking up domain users
Rowland Penny
rowlandpenny at googlemail.com
Thu Jun 18 02:05:12 MDT 2015
On 18/06/15 07:14, Marc Rechté wrote:
> Thanks Rowland,
>
> I am trying to setup an AD member server. I followed the wiki
> (https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server). I
> am on Fedora 21.
>
> The domain join succeeded
>
> But wbinfo fails:
>
> $ wbinfo -u
> Error looking up domain users
>
> I tried to increase windbind log verbosity to 10, but I can see no
> trace when issuing wbinfo:
> /etc/smb.conf
> log level = winbind:10
>
>
> Here are some more details:
> ***************************
>
> # net ads testjoin
> Join is OK
>
> # wbinfo -u
> Error looking up domain users
>
> $ rpm -q samba-winbind
> samba-winbind-4.1.17-1.fc21.x86_64
>
> $ cat /etc/hosts
> 127.0.0.1 localhost.localdomain localhost
> ::1 localhost6.localdomain6 localhost6
> 192.168.0.84 linuxmr.studelec-sa.com linuxmr
>
> /etc/samba/smb.conf is here: http://pastebin.com/gAk6nX0x
>
> $ cat /etc/resolv.conf
> search studelec-sa.com
> nameserver 192.168.0.250
>
> $ cat /etc/krb5.conf (ALTHOUGH THE WIKI DOES STATE ANY CONFIGURATION
> IS REQUIRED IN THAT FILE)
> [logging]
> default = FILE:/var/log/krb5libs.log
> kdc = FILE:/var/log/krb5kdc.log
> admin_server = FILE:/var/log/kadmind.log
>
> [libdefaults]
> dns_lookup_realm = false
> ticket_lifetime = 24h
> renew_lifetime = 7d
> forwardable = true
> rdns = false
> # default_realm = EXAMPLE.COM
> # Utile ou pas ?
> default_realm = STUDELEC-SA.COM
> dns_lookup_kdc = true
> default_ccache_name = KEYRING:persistent:%{uid}
>
> [realms]
> # EXAMPLE.COM = {
> # kdc = kerberos.example.com
> # admin_server = kerberos.example.com
> # }
>
> [domain_realm]
> # .example.com = EXAMPLE.COM
> # example.com = EXAMPLE.COM
OK, there doesn't seem to much wrong with your smb.conf, only thing I
would change, remove this line:
server role = member server
My /etc/krb5.conf is just this:
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = true
But yours has those lines in it.
So, we fall back to what is usually the problem on redhat when something
doesn't work, Selinux. Try disabling this and see if this works, failing
that, is the firewall running ? if it is, try turning it off.
Rowland
More information about the samba
mailing list