I *think* there'e GPLv3 problems with distributing samba 3.4 with Solaris. You could be waiting a while.
On Fri, 04 Dec 2009 09:59:06 -0500, Gaiseric Vandal <gaiseric.van...@gmail.com> wrote: > On 12/03/09 17:42, Gaiseric Vandal wrote: >> Sunfreeware.com has compiled packages of Samba 3.4.2 with kerberos and >> ldap support included (if you also install the ldap and kerberos >> packages from sunfreeware.) However it does not include the >> nss_winbind.so.* or libnss_winbind.so.* files. >> >> >> Solaris does include nss_winbind.so already (since it is included with >> Samba 3.0.x) or I could compile it from the 3.4.x source code. But >> then I am not sure if either of these would be compatible with >> Sunfreeware samba. >> >> I am using winbind in /etc/nsswitch.conf for supporting users in a >> trusted domain. under samba 3.0.x "getent passwd" did return users >> from a trusted domain. On 3.4 it is not, although "wbinfo -u" is >> working. >> >> >> Thanks >> >> >> > > I copied the nss_winbind.so file I compiled to /usr/local/samba/lib. > Samba will use that in preference to any files in /usr/lib so I didn't > need to delete or move Sun provided nss_winbind.so file. > > > I added the following to smb.conf (they had not been required in samba > 3.0.x.) > > idmap uid = 30000-39999 > idmap gid = 30000-39999 > > > The following entries already exisited in smb.conf (and had been sufficient > > > idmap config TRUSTEDWINDOMAIN:backend = ldap > #idmap config TRUSTEDWINDOMAIN:readonly = no > idmap config TRUSTEDWINDOMAIN:readonly = yes > idmap config TRUSTEDWINDOMAIN:default=no > idmap config TRUSTEDWINDOMAIN:ldap_base_dn = > ou=administration,ou=idmap,o=domain.com > idmap config TRUSTEDWINDOMAIN:ldap_user_dn = cn=Directory Manager > idmap config TRUSTEDWINDOMAIN:ldap_url = ldap://ldapserver1.domain.com > idmap config TRUSTEDWINDOMAIN:range = 30000-39999 > > > > idmap alloc backend = ldap > idmap alloc config:ldap_base_dn = ou=alloc,ou=idmap,o=domain.com > idmap alloc config:ldap_user_dn = cn=Directory Manager > idmap alloc config:ldap_url = ldap://ldapserver1.domain.com > idmap alloc config:range = 30000-39999 > > > > I also needed to add the following line to smb.conf > > client schannel = no > > This resolved "cm_get_ipc_userpass: No auth-user defined " error > messages in winbindd.log. I suspect this may be need to be set on the > PDC to resolve some other domain trust issues. The trusted domain is > Windows 2003 in mixed mode. > > > Ideally Sun will one day provide their own build of Samba 3.4.x. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba