Re: [Samba] samba, ads, winbind and active directory
- Date: Wed, 28 May 2008 06:43:56 -0600
- From: Jason Gerfen <jason.gerfen@xxxxxxxxxxxx>
- Subject: Re: [Samba] samba, ads, winbind and active directory
That is correct. Some more information so that I might receive some help with this.
I can perform the following commands without problem: wbinfo -t wbinfo -m wbinfo -g wbinfo -u wbinfo --krb5auth=user%password I am not able to do the following: getent group getent passwd net use x: \\valhalla\test /user:user (from a windows machine)Anyone know what I am doing wrong or could perhaps provide some more insight? I am definitely seeing somethings in the logs that I am unsure of how to fix. Any help, pointers etc are appreciated.
Some log data: [log.winbindd-idmap] [2008/05/27 14:20:18, 10] nsswitch/idmap_util.c:idmap_sid_to_uid(125)sid [S-1-5-21-2868754479-89028146-2101856903-88475] not mapped to an uid [2,1,2885498664]
Contents of my smb.conf
[global]
workgroup = scl
realm = SCL.UTAH.EDU
server string = valhalla.scl.utah.edu
netbios name = valhalla
password server = *
encrypt passwords = true
security = ads
os level = 20
allow trusted domains = no
auth methods = winbind
ldap ssl = no
interfaces = eth0, lo
bind interfaces only = yes
socket options = TCP_NODELAY
log level = 20
log file = /var/log/samba3/log.%m
max log size = 50
client signing = yes
client schannel = no
client use spnego = yes
preferred master = no
local master = no
domain master = no
wins proxy = no
dns proxy = No
template shell = /bin/bash
nt acl support = yes
inherit permissions = yes
create mask = 0775
template homedir = /home/%U
winbind uid = 1000-2000000
winbind gid = 500-2000000
winbind separator = /
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind use default domain = yes
winbind offline logon = true
winbind nss info = sfu
idmap uid = 1000-2000000
idmap gid = 500-2000000
idmap domains = THEDOMAIN
idmap config THEDOMAIN:backend = ad
idmap config THEDOMAIN:default = yes
idmap config THEDOMAIN:schema_mode = rfc2307
idmap config THEDOMAIN:range = 1000 - 300000000
printcap name = cups
printing = cups
load printers = yes
cups options = raw
print command =
lpq command = %p
lprm command =
[test]
comment = testing
browsable = yes
read only = yes
create mode = 0644
path = /home/jason
David Molina Cuevas wrote:
Do you not get any result for a 'getent passwd', and yes for 'wbinfo -u' ? I think I had the same problem before, I'll try to remember it. David Molina On Tue, May 27, 2008 at 3:25 PM, Jason Gerfen <jason.gerfen@xxxxxxxxxxxx> wrote:I can enumerate users and groups from the domain but I cannot authenticate the users. Any help? -- Jas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
-- Jas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
- References:
- [Samba] samba, ads, winbind and active directory
- From: Jason Gerfen
- Re: [Samba] samba, ads, winbind and active directory
- From: David Molina Cuevas
- [Samba] samba, ads, winbind and active directory
- Prev by Date: Re: [Samba] Roaming Profiles Load Very Slowly
- Next by Date: Re: [Samba] Roaming Profiles Load Very Slowly
- Previous by thread: Re: [Samba] samba, ads, winbind and active directory
- Next by thread: [Samba] wbinfo and net use
- Index(es):