Samba 4 Domain Member - problem
Carlos Miguel Bustillo Rdguez
cbustillo at uclv.edu.cu
Fri Dec 20 10:11:43 MST 2013
Rowland:
thanks for your time. I have made your recomendation. But the problem
remains:
# wbinfo -i mmorales
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user mmorales
# id mmorales
id: mmorales: No such user
Why the command "id" worked initially?
Sometimes command "id" identify the users and others don't do it.
Regards, Carlos
PD: Happy Christmas for all!!
On 12/20/2013 04:37 AM, Rowland Penny wrote:
> On 19/12/13 23:12, Carlos Miguel Bustillo Rdguez wrote:
>> Hello list:
>>
>> Recently I join my Samba 4.1.3 (from Sernet packages in Debian Wheezy)
>> to my Microsoft Windows 2008R2 Domain as member server.
>>
>> I following the steps in
>> https://wiki.samba.org/index.php/Samba/Domain_Member
>>
>> Initially all worked perfectly, but later I note that some user in my
>> MSAD don't appear when I use "id" command:
>> # id joe
>> id: joe: No such user
>>
>> These are the result from "testparm" command:
>> Load smb config files from /etc/samba/smb.conf
>> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
>> Processing section "[pkt]"
>> Processing section "[test]"
>> Loaded services file OK.
>> Server role: ROLE_DOMAIN_MEMBER
>> Press enter to see a dump of your service definitions
>>
>> [global]
>> workgroup = MYDOMAIN
>> realm = MYDOMAIN.COM
>> security = ADS
>> winbind enum users = Yes
>> winbind enum groups = Yes
>> winbind use default domain = Yes
>> winbind nss info = rfc2307
>> idmap config MYDOMAIN:range = 500-100000
>> idmap config MYDOMAIN:schema_mode = rfc2307
>> idmap config MYDOMAIN:backend = ad
>> idmap config *:range = 70001-80000
>> idmap config * : backend = tdb
>> map acl inherit = Yes
>> printing = bsd
>> print command = lpr -r -P'%p' %s
>> lpq command = lpq -P'%p'
>> lprm command = lprm -P'%p' %j
>> store dos attributes = Yes
>> vfs objects = acl_xattr
>>
>> [pkt]
>> path = /home/big
>> read only = No
>>
>> [test]
>> path = /home/test
>> read only = No
>>
>> The big problem is when I add new users to the shares above (pkt and
>> test), they cannot login.
>>
>> I think that the problem is associated with winbind and
>> libnss_winbind.so.2 library:
>>
>> I put the necessary symbolic links in /lib64 (my hardware is x86_64),
>> the I ran the following to check if the libraries are activated:
>> #ldconfig -v | grep winbind
>> ldconfig: Path `/lib/x86_64-linux-gnu' given more than once
>> ldconfig: Path `/usr/lib/x86_64-linux-gnu' given more than once
>> libnss_winbind.so -> libnss_winbind.so.2
>> libnss_winbind.so -> libnss_winbind.so.2
>>
>>
>> I appreciate some help about it.
>>
>> Regards, Carlos
>>
>>
>> La Universidad Central "Marta Abreu" de Las Villas en su 60
>> Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en:
>> http://www.uclv.edu.cu
>> Participe en Universidad 2014, del 10 al 14 de febrero de 2014.
>> Habana. Cuba. http://www.congresouniversidad.cu/
>>
>>
> First thing that you need to fix is your ranges, 'idmap config *:range =
> 70001-80000' is inside 'idmap config MYDOMAIN:range = 500-100000'
> The *:range needs to come before or after MYDOMAIN:range
> i.e.
> idmap config MYDOMAIN:range = 500-100000
> idmap config *:range = 100001-101000
>
> Rowland
>
>
> La Universidad Central "Marta Abreu" de Las Villas en su 60 Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en: http://www.uclv.edu.cu
> Participe en Universidad 2014, del 10 al 14 de febrero de 2014. Habana. Cuba. http://www.congresouniversidad.cu/
>
>
> .
>
La Universidad Central "Marta Abreu" de Las Villas en su 60 Aniversario. Fundada el 30 de noviembre de 1952. Visítenos en: http://www.uclv.edu.cu
Participe en Universidad 2014, del 10 al 14 de febrero de 2014. Habana. Cuba. http://www.congresouniversidad.cu/
More information about the samba-technical
mailing list