Hi Reese, did you use net join to your samba server to the windows domain ??? did you see the samba's log ??? did you see the winbind's log ???
Marcos --- "Reese,Richard Stephen" <[EMAIL PROTECTED]> escreveu: > getent is only retrieving the local users and groups > > > -----Original Message----- > From: marcos rocha [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 08, 2006 9:40 PM > To: Reese,Richard Stephen; Shelley, Brandon > Cc: samba@lists.samba.org > Subject: RE: [Samba] Unable to use 'valid users' > from Active Directory > > > does getent passwd retrieves all users ??? > does getent group retrieves all groups ??? > did you change /etc/nsswitch.conf ??? > you need to add the winbind parameter to passwd and > group > > > > --- "Reese,Richard Stephen" <[EMAIL PROTECTED]> > escreveu: > > > I had the 'winbind use default domain = yes' > enabled and was able to > > retrieve user and group information via wbinfo but > I still had the > > same problem. It would let me specify a group and > then let a user > > login. I can specify a user though. > > > > -----Original Message----- > > From: marcos rocha [mailto:[EMAIL PROTECTED] > > Sent: Thursday, June 08, 2006 7:12 AM > > To: Reese,Richard Stephen; Shelley, Brandon > > Cc: samba@lists.samba.org > > Subject: RE: [Samba] Unable to use 'valid users' > > from Active Directory > > > > > > Ho Reese, > > > > i'm using the almost que same configuration but > with something > > diferent. > > i'm using win2k SP4 with valid users parameter > pointing to users > > instead of group. this is because winbind isn't > solving simple win2k > > member's group neigther nested win2k member's > group. > > > > my users use user | password to be validated > instead of domain\user | > > password because of winbind use default domain = > yes parameter. > > > > Marcos > > > > --- "Reese,Richard Stephen" <[EMAIL PROTECTED]> > > escreveu: > > > > > There are some issues with SP1 Server 2003 and > > samba. I'm able to auth > > > fine using samba and either kerberos or winbind. > > The only difference I > > > can really determine from our configs is that I > > have the winbind > > > seperator commented out so that DOMAIN\someuser > > works, unless I'm > > > missing something. > > > > > > > > > [global] > > > > > > # workgroup = NT-Domain-Name or Workgroup-Name > > > workgroup = UFAD > > > realm = ADSERVER.UFL.EDU > > > # server string is the equivalent of the NT > > Description field > > > server string = SERVER > > > > > > hosts allow = 10.242. > > > load printers = no > > > log file = /var/log/samba/%m.log > > > max log size = 50 > > > security = ads > > > > > > idmap uid = 10000 - 20000 > > > idmap gid = 10000 - 20000 > > > #winbind separator = + > > > winbind enum users=yes > > > winbind enum groups=yes > > > template homedir = /home/win/%D/%U > > > template shell = /bin/bash > > > client use spnego = yes > > > winbind use default domain = yes > > > > > > encrypt passwords = yes > > > smb passwd file = /etc/samba/smbpasswd > > > socket options = TCP_NODELAY SO_RCVBUF=8192 > > > SO_SNDBUF=8192 > > > > > > > > > #============================ Share Definitions > > > ============================== [homes] > > > comment = %U Home Directory > > > browseable = no > > > path = %H > > > valid users = %U > > > writable = yes > > > create mode = 0664 > > > directory mode = 0775 > > > > > > [public] > > > comment = Public Stuff > > > path = /home/ > > > public = yes > > > read only = no > > > ; valid users = @"_IFAS-FRE-USERS_autoGS" > > > > > > [citrus] > > > path = /home/httpd/html/citrus > > > public = no > > > read only = no > > > write list = vmsodek rsreese > > > > > > ________________________________ > > > > > > From: Shelley, Brandon > > > [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, June 06, 2006 12:23 PM > > > To: Reese,Richard Stephen > > > Subject: RE: [Samba] Unable to use 'valid users' > > > from Active Directory > > > > > > > > > Wow finally someone with my EXACT problem :) > > Though no posts here are > > > remotely close to solving the problem. I have > > also tried every other > > > recommendation in this posting, as well as many > > others. The problem > > > is that even though the machine has been "net > > join"ed to a Windows > > > domain, it does not want to authenticate to the > > server. > > > DOMAIN\User | Password > > > and User | Password don't work... this says to > me > > that is is an AD > > > complication. Our system worked fine until an > > upgrade to SP1 on the > > > DC, and soon thereafter, no one could > authenticate > > to the samba server > > > via an AD account any longer. > > > > > > If anyone has ideas other than "you have to > type > > net join etc." or > > > "upgrade to 3.0.14a" (when I, anyway, am using > > 3.0.22), I, and I'm > > > sure Richard would too, would sincerely > appreciate > > it! > > > > > > Thanks in advance, > > > > > > Best Regards, > > > Brandon Shelley > > > > > > > > > > > > -- > > > To unsubscribe from this list go to the > following > > URL and read the > > > instructions: > > > https://lists.samba.org/mailman/listinfo/samba > > > > > > > > > > > > > > _______________________________________________________ > > Abra sua conta no Yahoo! Mail: 1GB de espaço, > alertas de e-mail no > > celular e anti-spam realmente eficaz. > > http://mail.yahoo.com.br/ > > > > > __________________________________________________ > Fale com seus amigos de graça com o novo Yahoo! > Messenger http://br.messenger.yahoo.com/ > __________________________________________________ Fale com seus amigos de graça com o novo Yahoo! Messenger http://br.messenger.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
