[Samba] Share won't mount -- how to debug?
Patrick Goetz
pgoetz at math.utexas.edu
Wed Nov 3 16:24:41 UTC 2021
Hi Louis -
Yep:
root at data2:/data# dpkg -l | grep winbind
ii libnss-winbind:amd64 2:4.15.1+dfsg-0.1focal1
amd64 Samba nameservice integration plugins
ii libpam-winbind:amd64 2:4.15.1+dfsg-0.1focal1
amd64 Windows domain authentication integration plugin
ii libwbclient0:amd64 2:4.15.1+dfsg-0.1focal1
amd64 Samba winbind client library
ii winbind 2:4.15.1+dfsg-0.1focal1
amd64 service to resolve user and group information from
Windows NT servers
And the package manager edited the appropriate files in /etc/pam.d for
me, although I don't think PAM is related to this problem.
BTW,
getent passwd DOMAIN-USER
won't work if libnss-winbind isn't installed with /etc/nsswitch.conf
properly configured.
On 11/3/21 11:05, L.P.H. van Belle via samba wrote:
> Hai,
>
> Did you install : libnss-winbind libpam-winbind ?
>
>
> Greetz,
>
> Louis
>
>
>
>> -----Oorspronkelijk bericht-----
>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>> Patrick Goetz via samba
>> Verzonden: woensdag 3 november 2021 16:59
>> Aan: Samba listserv
>> Onderwerp: [Samba] Share won't mount -- how to debug?
>>
>> Sorry for spamming the list today.
>>
>> I'm slowly testing out my new Samba AD network. At the moment
>> I'm trying
>> to mount a share on a W10 client from a CMD prompt, and the mount is
>> failing:
>>
>> net use G: \\data2\share
>>
>> I tried a suggestion from Louis to use the FQDN:
>>
>> net use G: \\data2.ea.linuxcs.com\share
>>
>> and it still failed, but with a different Windows error
>> message. When I
>> tail -f /var/log/samba/smbd on the fileserver I see
>>
>>
>> ---------------------------
>> [2021/11/03 10:20:25.088689, 0]
>> ../../source3/auth/token_util.c:565(add_local_groups)
>> add_local_groups: SID
>> S-1-5-21-2398640129-655337111-1434392923-1103
>> -> getpwuid(11103) failed, is nsswitch configured?
>> [2021/11/03 10:20:35.371582, 0]
>> ../../source3/auth/token_util.c:565(add_local_groups)
>> add_local_groups: SID
>> S-1-5-21-2398640129-655337111-1434392923-1103
>> -> getpwuid(11103) failed, is nsswitch configured?
>> [2021/11/03 10:20:35.383936, 0]
>> ../../source3/auth/token_util.c:565(add_local_groups)
>> add_local_groups: SID
>> S-1-5-21-2398640129-655337111-1434392923-1103
>> -> getpwuid(11103) failed, is nsswitch configured?
>> ---------------------------
>>
>>
>> 11103 is the uid of the user I'm trying to connect this share
>> for. The
>> suggestion is that nsswitch.conf isn't configured, but in fact it is:
>>
>> root at data2:/etc# cat nsswitch.conf
>> # /etc/nsswitch.conf
>> #
>> # Example configuration of GNU Name Service Switch functionality.
>> # If you have the `glibc-doc-reference' and `info' packages
>> installed, try:
>> # `info libc "Name Service Switch"' for information about this file.
>>
>> passwd: files systemd winbind
>> group: files systemd winbind
>> ...
>>
>>
>>
>> I know I'm using the correct password, because I used it to log in on
>> the W10 client as this user. Any thoughts on what I should
>> look at next?
>>
>>
>> Other AD stuff works properly:
>> root at data2:/etc# getent passwd patrickgoetz
>> patrickgoetz:*:11104:10513::/home/EA/patrickgoetz:/bin/false
>> root at data2:/etc# wbinfo -i mduffy
>> mduffy:*:11103:10513::/home/EA/mduffy:/bin/false
>>
>>
>>
>> The share has appropriate ACLs set:
>>
>> root at data2:/data# ls -ld share
>> drwxrwx--- 2 root staff 4096 Nov 2 19:15 share
>>
>>
>> The user is a member of the staff group. I can't get
>> `get-adgroup` or
>> `get-adgroupmember` to work in PowerShell to demonstrate this;
>> presumably this has to do with the Windows web interface thing.
>>
>>
>> And here is the resource section from smb.conf:
>>
>> [share]
>> comment = Share Directory
>> path = /data/share
>> guest ok = no
>> browseable = yes
>> writeable = yes
>> create mask = 0770
>> directory mask = 0770
>> follow symlinks = yes
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>
>
More information about the samba
mailing list