Anyone have any ideas on this? (Really, any ideas at all are
welcome.) Thanks.
Chris St. Pierre
Unix Systems Administrator
Nebraska Wesleyan University
On Fri, 27 Mar 2009, Chris St. Pierre wrote:
I have the exact same problem as this guy:
http://lists.samba.org/archive/samba/2006-September/125699.html
He describes it much better and in much more detail than I could, so
I'll let him speak for me.
Unfortunately, I don't have the same solution. nss_ldap is configured
properly, and things like 'getent passwd' and 'id machine-acct$' show
the machine accounts as expected:
% getent passwd | grep stpierre
stpierre:x:2273:4000:Christopher St
Pierre:/home/faculty/stpierre:/bin/zsh
stpierre-pc$:*:1944:1000:Computer:/dev/null:/bin/false
% id stpierre-pc$
uid=1944(stpierre-pc$) gid=1000 groups=1000
Unfortunately, "fix nss_ldap" is about the only suggestion I could
find on this problem on Google. Any other suggestions? Thanks!
I'm running samba 3.0.33 on RHEL 5. /etc/ldap.conf (nss_ldap.conf on
other distros):
uri ldap://ldap.nebrwesleyan.edu
base o=NebrWesleyan.edu,o=isp
timelimit 30
bind_timelimit 30
bind_policy soft
nss_initgroups_ignoreusers root,ldap
ssl start_tls
tls_checkpeer no
The [global] section of smb.conf:
[global]
server string = Huxley
workgroup = NWU_HUXLEY
netbios name = Huxley
log level = 1
log file = /var/log/samba/%U.%m.log
max log size = 102400
add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m'
bind interfaces only = true
interfaces = 10.1.1.44
logon path =
logon home =
logon drive =
socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536 SO_KEEPALIVE
max smbd processes = 0
encrypt passwords = yes
domain logons = yes domain master = yes local master = yes preferred master =
yes security = user os level = 33 wins server = 10.9.1.12
admin users = +ntadmin
passdb backend = ldapsam:ldap://ldap.nebrwesleyan.edu
ldap suffix = o=nebrwesleyan.edu,o=isp ldap machine suffix = ou=People ldap
user suffix = ou=People ldap group suffix = ou=Groups ldap admin dn =
cn=directory manager ldap ssl = off
idmap uid = 10000-20000
idmap gid = 10000-20000
blocking locks = no
unix extensions = no
include = /etc/samba/%U.inc
Chris St. Pierre
Unix Systems Administrator
Nebraska Wesleyan University
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba