[Samba] AD Group lost from Winbind
oliver.werner at kontrast.de
Mon Feb 22 10:53:55 UTC 2016
was i typo
hq.internal was correct.
uidNumber and gidNumber is set for our own users and group, but not Administrator or Administrators.
Today it was an issue again on a member so i test command
and got the error
failed to call wbcGetgrnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for group group_intern
After restart windbag on domain member all looks ok again.
> Am 22.02.2016 um 10:21 schrieb Rowland penny <rpenny at samba.org>:
> On 22/02/16 08:32, Oliver Werner wrote:
>> we have tested last week our problem with change parameter
>> server services = -winbindd +winbind
>> but our member server get also the issue that the winbind lost user and group mapping for valid users.
>> so for the test i have changed on our three DCs the parameter above.
>> May i need to set this parameter on member server also?
> OK, I have been rereading this thread and I think Louis may have been sending you off on a wild goose chase here, if the problem occurs on a domain member, it very probably has nothing to do with how smb.conf is setup on the DC.
> What I did notice (and it is probably a typo) is this:
> In domain member smb.conf: realm = hq.internal
> In DC smb.conf:
> path = /var/lib/samba/sysvol/hq.kontrast/scripts
> Which is it ? 'hq.internal' or 'hq.kontrast'
> You should also add these lines to the smb.conf on the domain member:
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
> Have you given a uidNumber attribute to users in AD and if you have, does this include Administrator ?
> Have you given a gidNumber attribute to groups in AD and if you have, does this include groups such as Administrators ?
> To be honest it sounds like the kerberos ticket could be expiring and not getting renewed.
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the samba