as req. I will resend part of first message:
My Samba config: http://pastebin.com/ZqaA0Ypn
After the join I'm able to lookup peoples with
# wbinfo -u
[...]
XX
hds
XXX
[...]
# wbinfo -g
[...]
bg XX
bg hds
bg XXX
[...]
Now the problem, getent only returns the local users and not the users
from the AD
The funny thing is that if a user is local on the UNIX and in the AD, I
can login with the password from both local and AD, so I know that it
can lookup people and passwords
# getent passwd hs ; echo $?
2
When I debug on getent it returns 2, witch means that it can't find the
user.
I know there can be a problem with this if the resolv-names is not working
# ping addc.UNDERVISNING.LOCAL
PING addc.birke-gym.dk (10.3.17.1) 56(84) bytes of data.
64 bytes from bgdc.birke-gym.dk (10.3.17.1): icmp_seq=1 ttl=128
time=0.211 ms
64 bytes from bgdc.birke-gym.dk (10.3.17.1): icmp_seq=2 ttl=128
time=0.207 ms
# ping mail.UNDERVISNING.LOCAL
PING mail.birke-gym.dk (127.0.1.1) 56(84) bytes of data.
64 bytes from mail.birke-gym.dk (127.0.1.1): icmp_seq=1 ttl=64
time=0.099 ms
64 bytes from mail.birke-gym.dk (127.0.1.1): icmp_seq=2 ttl=64
time=0.094 ms
My krb5-conf:
Med Venlig Hilsen / Best Regards
Henrik Dige Semark
Den 19-07-2010 01:49, Necos Secon skrev:
I accidentally deleted the first set of messages in my email for this thread,
but does your DNS resolve properly? What does your resolv.conf look like? Also,
what do these files look like:
krb5.conf
smb.conf
There's an option in smb.conf, winbind enum users, which needs to be set in
order for getent to function properly. There is a corresponding option for
groups as well. Look at them and let us know.
Date: Mon, 19 Jul 2010 01:12:41 +0200
From:h...@semark.dk
To:esiot...@gmail.com
CC:samba@lists.samba.org
Subject: Re: [Samba] Samba + Winbind + Windows 2003 AD
Hi Micheal
Sorry for not sending that information in the first place, but I though
that it was so basic that it wasn't necessary.
My nsswitch.conf:
# cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat winbind
group: compat winbind
shadow: compat winbind
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files
services: db files
ethers: db files
protocols: db files
rpc: db files
netgroup: nis
I will mean that it is the way to do this (and it works just fine on the
UNIX servers that run there own Domain Controller)
Med Venlig Hilsen / Best Regards
Henrik Dige Semark
Den 18-07-2010 17:03, Michael Wood skrev:
On 18 July 2010 01:34, Henrik Dige Semark<h...@semark.dk> wrote:
Hey out there.
I have to join my UNIX server with an existing Win2k3 AD network.
My system info:
Debian Lenny
Samba - 3.4.8
Winbind - 3.4.8
Windows Server 2003 with 2000-style-AD
My problem is that, I have en UNIX server that have to run auth up against
our existing windows 2003 AD.
I have successfully joined my UNIX server to the AD, without problems.
# net ads join -U Administrator
Enter Administrator's password:
Using short domain name -- TEST
Joined 'MAIL' to realm 'TEST.LOCAL'
My Samba config:http://pastebin.com/ZqaA0Ypn
After the join I'm able to lookup peoples with
# wbinfo -u
[...]
# wbinfo -g
[...]
Now the problem, getent only returns the local users and not the users from
the AD
The funny thing is that if a user is local on the UNIX and in the AD, I can
login with the password from both local and AD, so I know that it can lookup
people and passwords
# getent passwd hs ; echo $?
2
When I debug on getent it returns 2, witch means that it can't find the
user.
Do you have winbind specified in your nsswitch.conf file as mentioned here:
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html#id2654732
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
