Doing what you're doing is using the wrong machine name when making the query.
I presume that ABPSVC-UNIX2 is your server and your client is in the jail on that machine. You'd need a separate configuration instead of a copy from the server so that the jail appears to be a separate client. I've never done this. On 22 September 2011 15:09, Kamil Choudhury <kamil.choudh...@anserinae.net>wrote: > I've been messing around with running samba 3.4.14 inside a freebsd jail > over > the last couple of days, and am running into an odd problem where wbinfo -u > and wbinfo -g succeed, but getent passwd fails (insofar that it shows only > local users, but none of the domain users). > > Here's my smb.conf: > > [global] > > interfaces =192.168.0.16/32 > bind interfaces only =yes > security =ads > realm =domain.net > password server =awpsvc-win1.domain.net > workgroup =DOMAIN > idmap uid =10000-20000 > idmap gid =10000-20000 > idmap config DOMAIN: backend = ad > idmap config DOMAIN : range = 40000-60000 > winbind nss info =rfc2307 > winbind enum users =yes > winbind enum groups =yes > winbind nested groups =yes > winbind expand groups =1 > template homedir =/home/%D/%U > template shell =/usr/local/bin/bash > client use spnego =yes > client ntlmv2 auth =yes > encrypt passwords =yes > winbind use default domain =yes > restrict anonymous =2 > acl check permissions =yes > follow symlinks =yes > wide links =yes > unix extensions =no > > And my /etc/nsswitch.conf file: > > group: winbind files > group_compat: nis > hosts: files dns > networks: files > passwd: winbind files > passwd_compat: nis > shells: files > services: compat > services_compat: nis > protocols: files > rpc: files > > Doing a getent passwd results in the following output to log.winbindd: > > [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent) > could not look up gid for group ExchangeLegacyInterop > [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent) > could not look up gid for group Schema Admins > [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent) > could not look up gid for group Enterprise Admins > [2011/09/22 00:22:00, 1] winbindd/winbindd_group.c:1366(winbindd_getgrent) > could not look up gid for group Enterprise Read-only Domain Controllers > ... > > ...and the following in log.nbmd: > > [2011/09/22 00:29:46, 0] nmbd/nmbd_packets.c:1079(process_browse_packet) > process_browse_packet: Discarding datagram from IP 192.168.0.16. Source > name ABPSVC-UNIX2<00> is one of our names ! > [2011/09/22 00:29:46, 0] nmbd/nmbd_packets.c:1079(process_browse_packet) > process_browse_packet: Discarding datagram from IP 192.168.0.16. Source > name ABPSVC-UNIX2<00> is one of our names ! > > The configuration is known to work *outside* a jail -- is there something > I should be doing differently in order to get winbind to work cleanly? > > Thanks in advance, > Kamil > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba