[Samba] winbind does not work+sernet package+samba 4.2

Mon Sep 7 16:19:32 UTC 2015

On 07/09/15 16:55, Yanni wrote:
> Hello
>
> After failing to join my samba box to winAD 2012, I went and 
> downloaded the sernet packages
> and samba box join the AD domain using "samba-tool" with no problems.
> However I've got problems with winbind.
>
> wbinfo -u returns:
>
> could not obtain winbind interface details: WBC_ERR_WINBIND_NOT_AVAILABLE
> could not obtain winbind domain name!
> Error looking up domain users
>
> Here is my SMB.CONF
> ----------------------------------------------------------
> [global]
>   server string = Samba4 file server
>   workgroup = TESTAD
>   security = ADS
>   realm = TESTAD.BIO.AC.UK
>
>
>    domain master = no
>    prefered master = no
>    local master = no
>    os level = 0
>    browse list = yes
>
>
>   encrypt passwords = yes
>   template shell = /bin/bash
>   netbios name = JIMMY
>   name resolve order = bcast
>
>   idmap config *:backend = tdb
>   idmap config *:range = 2000-3999
>   idmap config TESTAD: backend = rid
>   idmap config TESTAD: range = 10000-99999
>
>
>    winbind trusted domains only = no
>    winbind use default domain = yes
>    winbind enum users = yes
>    winbind enum groups = yes
>    winbind refresh tickets = Yes
>    winbind expand groups = 4
>    winbind normalize names = Yes
>
>
> #Logging Settings
>    log level = 3
>    log file = /var/log/samba/log.%m
>    max log size = 50
>
> [profs]
>    comment = WinProfsStorage
>    path = /disk1/profs
>    read only = no
>    store dos attributes = yes
> -----------------------------------------------------------------
> My /etc/krb5.conf
> ----------------------------------------------------------------
> [logging]
>  default = FILE:/var/log/krb5libs.log
>  kdc = FILE:/var/log/krb5kdc.log
>  admin_server = FILE:/var/log/kadmind.log
>
> [libdefaults]
>  dns_lookup_realm = true
>  dns_lookup_kdc = true
>  ticket_lifetime = 24h
>  renew_lifetime = 7d
>  forwardable = true
>  rdns = false
>  default_ccache_name = KEYRING:persistent:%{uid}
>
> [realms]
>         TESTAD.BIO.AC.UK = {
>                                     kdc = TESTSERVER1.TESTAD.BIO.AC.UK
>                                     default_domain = TESTAD.BIO.AC.UK
>                                   }
>
> [domain_realm]
>              .testad.bio.ac.uk = TESTAD.BIO.AC.UK
>              testad.bio.ac.uk = TESTAD.BIO.AC.UK
> -------------------------------------------------------------------
>
> Any suggestions, please?
>
> Many thanks for you help
>
>
>

Is winbind running ?
What does 'ps ax | grep winbind' show ?

Your /etc/krb5.conf only needs to be this:

[libdefaults]
      default_realm = TESTAD.BIO.AC.UK
      dns_lookup_realm = false
      dns_lookup_kdc = true

Does /etc/resolv.conf point to the DC as the first nameserver ?

Rowland