[Samba] wbinfo -i -> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Jeff Dickens
jeff at seamanpaper.com
Tue Nov 17 23:12:15 UTC 2015
Created a new thread because I screwed up and top-posted.
So I am still stuck. For reference here is the smb.conf on the member
server:
root at florence:~# more /etc/samba/smb.conf
[global]
netbios name = FLORENCE
security = ADS
workgroup = IOL
realm = IOL.SEAMANPAPER.COM <http://iol.seamanpaper.com/>
log file = /var/log/samba/%m.log
log level = 1
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind refresh tickets = yes
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
# idmap config used for your domain.
# Choose one of the following backends fitting to your
# requirements and add the corresponding configuration.
# idmap config ad
# - idmap config rid
# - idmap config autorid
idmap config *:backend = tdb
idmap config *:range = 2000-9999
idmap config IOL:backend = ad
idmap config IOL:schema_mode = rfc2307
idmap config IOL:range = 1000000-9999999
winbind nss info = rfc2307
[home]
path=/home/
read only = No
I increased the range because it seems like the DC is using IDs above
1,000,000. This is on the DC:
root at athens:~# wbinfo -u
administrator
test1
krbtgt
guest
root at athens:~# wbinfo -i administrator
administrator:*:0:100::/home/IOL/administrator:/bin/false
root at athens:~# wbinfo -i test1
test1:*:3000019:100:Test One:/home/IOL/test1:/bin/false
root at athens:~#
And on the member server:
root at florence:~# wbinfo -u
administrator
test1
krbtgt
guest
root at florence:~# wbinfo -i administrator
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user administrator
root at florence:~# wbinfo -i test1
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user test1
root at florence:~#
Also:
root at florence:~# wbinfo -n test1
S-1-5-21-870066441-3049097475-1009130827-1105 SID_USER (1)
root at florence:~# wbinfo -n administrator
S-1-5-21-870066441-3049097475-1009130827-500 SID_USER (1)
Thought it might have something to do with the fact that the Kerberos user
tools were not installed -but I set them up and no change.
root at florence:~# kinit administrator at IOL.SEAMANPAPER.COM
Password for administrator at IOL.SEAMANPAPER.COM:
root at florence:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator at IOL.SEAMANPAPER.COM
Valid starting Expires Service principal
11/17/2015 17:20:51 11/18/2015 03:20:51 krbtgt/
IOL.SEAMANPAPER.COM at IOL.SEAMANPAPER.COM
renew until 11/18/2015 17:19:59
root at florence:~# wbinfo -i test1
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user test1
root at florence:~# !smbc
smbcontrol all reload-config
root at florence:~# wbinfo -i test1
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user test1
root at florence:~#
I found a note about a missing link to libnss_winbind.so.2.. fixed that and
no difference.
So it can list the users but not get the IDs... So it seems to have some
kind of authentication issue.
I've been all through the wiki and can't find anything else that seems
relevant.
--
* Jeff Dickens*
IT Manager 978-632-1513
More information about the samba
mailing list