[Samba] Winbind problems
Marcio Demetrio Bacci
marciobacci at gmail.com
Mon Feb 3 18:03:35 UTC 2020
Hi,
I have a problem in my Samba 4 file server.
I tried to change a directory's permission, but domain groups are not
recognized:
chown root:"Domain Admins" /home/Empresa
chown: invalid group: “root:Domain Admins”
When I run "getent passwd" command, only local user are listed.
wbinfo commands (wbinfo -g, wbinfo -u, wbinfo -a <user>) are working
properly.
The following are my configurations files:
cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files winbind
group: files winbind
shadow: compat
gshadow: files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
cat /usr/local/samba/etc/smb.conf
[global]
netbios name = FILESERVER
workgroup = EMPRESA
security = ADS
realm = EMPRESA.COM.BR
encrypt passwords = yes
username map = /usr/local/samba/etc/user.map
log file = /var/log/samba/%m.log
log level = 1
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config EMPRESA:backend = ad
idmap config EMPRESA:schema_mode = rfc2307
idmap config EMPRESA:range = 10000-999999
idmap config EMPRESA:unix_nss_info = yes
idmap config EMPRESA:unix_primary_group = yes
winbind nss info = rfc2307
winbind refresh tickets = Yes
winbind separator = +
winbind use default domain = yes
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
template shell = /bin/bash
template homedir = /home/%U
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
[Empresa]
comment = Compartilhamentos
path = /home/Empresa
valid users = +EMPRESA\"Domain Users"
guest ok = no
writable = yes
browsable = yes
create mask = 0777
directory mask = 0777
cat /etc/resolv.conf
domain empresa.com.br
search empresa.com.br
nameserver 192.168.1.20
nameserver 192.168.1.22
cat /etc/hosts
127.0.0.1 localhost
192.168.1.23 fileserver.empresa.com.br fileserver
netstat -lntup
Conexões Internet Ativas (sem os servidores)
Proto Recv-Q Send-Q Endereço Local Endereço Remoto Estado
PID/Program name
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN
511/lighttpd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
620/master
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
720/smbd
tcp 0 0 0.0.0.0:20000 0.0.0.0:* LISTEN
443/sshd
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN
419/zabbix_agentd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
720/smbd
tcp6 0 0 :::81 :::* LISTEN
511/lighttpd
tcp6 0 0 ::1:25 :::* LISTEN
620/master
tcp6 0 0 :::445 :::* LISTEN
720/smbd
tcp6 0 0 :::20000 :::* LISTEN
443/sshd
tcp6 0 0 :::10050 :::* LISTEN
419/zabbix_agentd
tcp6 0 0 :::139 :::* LISTEN
720/smbd
udp 0 0 0.0.0.0:54695 0.0.0.0:*
359/rsyslogd
udp 0 0 192.168.1.23:123 0.0.0.0:*
643/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:*
643/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:*
643/ntpd
udp 0 0 192.168.255.255:137 0.0.0.0:*
684/nmbd
udp 0 0 192.168.1.23:137 0.0.0.0:*
684/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:*
684/nmbd
udp 0 0 192.168.255.255:138 0.0.0.0:*
684/nmbd
udp 0 0 192.168.1.23:138 0.0.0.0:*
684/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:*
684/nmbd
udp6 0 0 fe80::5054:ff:fe00::123 :::*
643/ntpd
udp6 0 0 ::1:123 :::*
643/ntpd
udp6 0 0 :::123 :::*
643/ntpd
The samba service isn't started, only smbd, nmbd and winbind services are
started.
I verified that libnss-winbind package isn't installed. Is this package
necessary?
Could anybody help me?
Regards,
Márcio Bacci
More information about the samba
mailing list