subject:"\[Samba\] Update\: Winbind\+nss working on one centOS 5.2 box but not another"

Re: {Disarmed} Re: [Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

2009-01-31 Thread Ben Tisdall

Thanks Kums - I should have been clearer - the non-verbose testparm
output (which doesn't show the netbios name) diffs out perfectly.

The netbios names are in fact set differently and the join happens
without errors.

testparm -v

Kums wrote:
 
 Make sure to have different Netbios Name, else only one box will be able
 to successfully join to AD + export Samba shares.
 
 Cheers,
 -Kums
 
 On Fri, Jan 23, 2009 at 1:18 AM, Ben Tisdall b...@redcircleit.com
 mailto:b...@redcircleit.com wrote:
 
 tim clusters wrote:
 
  What is your id backend? AD or RID? Can you post your smb.conf?
 
 
 Hi Tim  thanks for replying.
 
 This is very minimal smb.conf - the history is that it was copied
 verbatim from a Guardian snap appliance  worked perfectly well on
 'Box A'.
 
 workgroup = OURDOMAIN
 security = ads
 server string = Samba Server Version %v
 netbios name = testukmcsstor1
 realm = OURDOMAIN.PRIV
 idmap uid = 1-2
 idmap gid = 1-2
 ;interfaces = lo eth0 *MailScanner warning: numerical links are
 often malicious:* 192.168.12.2/24 http://192.168.12.2/24
 *MailScanner warning: numerical links are often malicious:*
 192.168.13.2/24 http://192.168.13.2/24
 ;hosts allow = 127. 10
 
 # logs split per machine
 log file = /var/log/samba/log.%m
 # max 50KB per log file, then rotate
 max log size = 50
 preferred master = no
 wins support = yes
 ;   wins server = w.x.y.z
 ;   wins proxy = yes
 
 ;   dns proxy = yes
 
 load printers = yes
 cups options = raw
 
 ;   map archive = no
 ;   map hidden = no
 ;   map read only = no
 ;   map system = no
 ;   store dos attributes = yes
 
 Include = /etc/samba/shares.conf
 
 NB: I can testparm the conf from both boxes  the output diffs
 perfectly.
 
 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.
 
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba
 
 
 
 -- 
 This message has been scanned for viruses and
 dangerous content by *MailScanner* http://www.mailscanner.info/, and is
 believed to be clean.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

2009-01-26 Thread Kums

Make sure to have different Netbios Name, else only one box will be able to
successfully join to AD + export Samba shares.

Cheers,
-Kums

On Fri, Jan 23, 2009 at 1:18 AM, Ben Tisdall b...@redcircleit.com wrote:

 tim clusters wrote:
 
  What is your id backend? AD or RID? Can you post your smb.conf?
 

 Hi Tim  thanks for replying.

 This is very minimal smb.conf - the history is that it was copied
 verbatim from a Guardian snap appliance  worked perfectly well on 'Box A'.

 workgroup = OURDOMAIN
 security = ads
 server string = Samba Server Version %v
 netbios name = testukmcsstor1
 realm = OURDOMAIN.PRIV
 idmap uid = 1-2
 idmap gid = 1-2
 ;interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
 ;hosts allow = 127. 10

 # logs split per machine
 log file = /var/log/samba/log.%m
 # max 50KB per log file, then rotate
 max log size = 50
 preferred master = no
 wins support = yes
 ;   wins server = w.x.y.z
 ;   wins proxy = yes

 ;   dns proxy = yes

 load printers = yes
 cups options = raw

 ;   map archive = no
 ;   map hidden = no
 ;   map read only = no
 ;   map system = no
 ;   store dos attributes = yes

 Include = /etc/samba/shares.conf

 NB: I can testparm the conf from both boxes  the output diffs perfectly.

 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.

 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

2009-01-23 Thread Ben Tisdall

tim clusters wrote:
 
 What is your id backend? AD or RID? Can you post your smb.conf?
 

Hi Tim  thanks for replying.

This is very minimal smb.conf - the history is that it was copied
verbatim from a Guardian snap appliance  worked perfectly well on 'Box A'.

workgroup = OURDOMAIN
security = ads
server string = Samba Server Version %v
netbios name = testukmcsstor1
realm = OURDOMAIN.PRIV
idmap uid = 1-2
idmap gid = 1-2
;interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
;hosts allow = 127. 10

# logs split per machine
log file = /var/log/samba/log.%m
# max 50KB per log file, then rotate
max log size = 50
preferred master = no
wins support = yes
;   wins server = w.x.y.z
;   wins proxy = yes

;   dns proxy = yes

load printers = yes
cups options = raw

;   map archive = no
;   map hidden = no
;   map read only = no
;   map system = no
;   store dos attributes = yes

Include = /etc/samba/shares.conf

NB: I can testparm the conf from both boxes  the output diffs perfectly.

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

2009-01-19 Thread Ben Tisdall

Something is not right with the group mapping, but I am unsure what.

getent returns different a primary GID for a given user on each box and
the group mapping differs in each case:

Box A:

//u...@host//:~$ getent group 10012
OURDOMAIN\domain users:*:10012:

Box B:

//u...@host//:~$ getent group 10004
OURDOMAIN\domain users:*:10004:

When I do a long file listing winbindd is printing stuff like this:

[14855]: getpwuid 10082
Added timed event async_request_timeout: 2ae2266d45b0
child daemon request 51
timed_events_timeout: 299/87
process_request: request fn DUAL_UID2SID
[14254]: uid to sid 10082
uid = [10082]
Cache entry with key = IDMAP/UID/10082 couldn't be found
Query backends to map ids-sids
Query sids from domain OURDOMAIN
Fetching record UID 10082
Record UID 10082 not found
Query sids from domain SAMBASERVER
pdb_default_uid_to_rid: host has no idea of uid 10082
Storing response for pid 14257, len 3240
Destroying timed event 2ae2266d45b0 async_request_timeout
Retrieving response for pid 14257
uid2sid_recv: uid 10082 has sid S-1-22-1-10082
Could not find domain for sid S-1-22-1-10082



Ben Tisdall wrote:
 Hi all,
 
 I have an odd situation on my hands:
 
 * Two CentOS 5.2 boxes both joined to an AD domain.
 
 * Same samba version (3.0.28-1.el5_2.1) smb.conf, only the netbios names
 differ
 
 * Can enumerate users and groups using winbind -{u,g} on both.
 
 * nss doesn't enumerate users  groups on one (same lib versions, same
 conf file).
 
 //ben...@testukmcsstor1//:~$ rpm -qa | grep nss-
 nss-tools-3.12.2.0-2.el5.centos
 nss-3.12.2.0-2.el5.centos
 pkinit-nss-0.7.3-1.el5
 nss-3.12.2.0-2.el5.centos
 
 Looks like this may be more of a libnss problem than a samba one, but
 can anyone suggest how I can start to troubleshoot?
 
 Thanks in advance,
 
 Ben Tisdall
 
 
 
 
 
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: {Disarmed} Re: [Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

Re: [Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

Re: [Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

[Samba] Update: Winbind+nss working on one centOS 5.2 box but not another

4 matches

Site Navigation

Mail list logo

Footer information