[Samba] wbinfo fails: Error looking up domain users
Marc Rechte
mrechte at studelec-sa.com
Fri Jun 19 01:03:42 MDT 2015
Opened a bug on Fedora and solution was given: one must uninstall
sssd-libwbclient package.
Now let's move to the next problem: nsswitch does not see the domain
users / groups, but I assume this is out of the scope of this list ?
Thanks
Le 18/06/2015 10:05, Rowland Penny a écrit :
> On 18/06/15 07:14, Marc Rechté wrote:
>> Thanks Rowland,
>>
>> I am trying to setup an AD member server. I followed the wiki
>> (https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server). I
>> am on Fedora 21.
>>
>> The domain join succeeded
>>
>> But wbinfo fails:
>>
>> $ wbinfo -u
>> Error looking up domain users
>>
>> I tried to increase windbind log verbosity to 10, but I can see no
>> trace when issuing wbinfo:
>> /etc/smb.conf
>> log level = winbind:10
>>
>>
>> Here are some more details:
>> ***************************
>>
>> # net ads testjoin
>> Join is OK
>>
>> # wbinfo -u
>> Error looking up domain users
>>
>> $ rpm -q samba-winbind
>> samba-winbind-4.1.17-1.fc21.x86_64
>>
>> $ cat /etc/hosts
>> 127.0.0.1 localhost.localdomain localhost
>> ::1 localhost6.localdomain6 localhost6
>> 192.168.0.84 linuxmr.studelec-sa.com linuxmr
>>
>> /etc/samba/smb.conf is here: http://pastebin.com/gAk6nX0x
>>
>> $ cat /etc/resolv.conf
>> search studelec-sa.com
>> nameserver 192.168.0.250
>>
>> $ cat /etc/krb5.conf (ALTHOUGH THE WIKI DOES STATE ANY CONFIGURATION
>> IS REQUIRED IN THAT FILE)
>> [logging]
>> default = FILE:/var/log/krb5libs.log
>> kdc = FILE:/var/log/krb5kdc.log
>> admin_server = FILE:/var/log/kadmind.log
>>
>> [libdefaults]
>> dns_lookup_realm = false
>> ticket_lifetime = 24h
>> renew_lifetime = 7d
>> forwardable = true
>> rdns = false
>> # default_realm = EXAMPLE.COM
>> # Utile ou pas ?
>> default_realm = STUDELEC-SA.COM
>> dns_lookup_kdc = true
>> default_ccache_name = KEYRING:persistent:%{uid}
>>
>> [realms]
>> # EXAMPLE.COM = {
>> # kdc = kerberos.example.com
>> # admin_server = kerberos.example.com
>> # }
>>
>> [domain_realm]
>> # .example.com = EXAMPLE.COM
>> # example.com = EXAMPLE.COM
>
More information about the samba
mailing list