Back To Unix / Linux Forum

Problem with Samba, winbind not listing users/groups

  • schase02
  • Newbie
  • Newbie
  • No Avatar
  • Joined: Nov 10, 2004
  • Posts: 14
  • Status: Offline

Post November 26th, 2004, 12:18 pm

Hello,

I am pretty new to linux - starting to find my way around it a bit, and liking what I see.

I am trying to get dansguardian to do content filtering for a small network - got SQUID installed and configured, dansguardian installed and configured - which works great.

Then I decided to install samba - to try and use the Active Directory authentication with groups to give some additional flexability.

I joined the samba machine to the AD great, when I try wbinfo
the following returns

wbinfo -t - succeeded
wbinfo -n Administrator - returns the SID for admin
wbinfo -r Administrator - returns 10001 - 10004
wbinfo -V - returns 3.0.2a-SUSE
wbinfo -u - returns - Error looking up domain users
wbinfo -g - returns - Error looking up domain groups

I can ping the server great, I can see the suse computer good from the windows AD machine - and even if I authenticate administrator with wbinfo - it still returns the error.


my /etc/krb5.conf looks like this
Code: [ Select ]
[realms]
    mydomain.com = {
        kdc = server.mydomain.com
        admin_server = server.mydomain.com
        kpasswd_server = server.mydomain.com
    }
#    OTHER.REALM = {
#        kdc = OTHER.COMPUTER
#    }

[domain_realm]
    .my.domain =mydomain.com
  1. [realms]
  2.     mydomain.com = {
  3.         kdc = server.mydomain.com
  4.         admin_server = server.mydomain.com
  5.         kpasswd_server = server.mydomain.com
  6.     }
  7. #    OTHER.REALM = {
  8. #        kdc = OTHER.COMPUTER
  9. #    }
  11. [domain_realm]
  12.     .my.domain =mydomain.com


my /etc/samba/smb.conf looks like this

Code: [ Select ]
[global]
    netbios name = server
    idmap uid = 10000-20000
    workgroup = mydomain.com
    os level = 20
    preferred master = no
    encrypt passwords = true
    password server = server.mydomain.com
    security = domain
    winbind separator = +
    dns proxy = no
    realm = mydomain.com
    winbind uid = 10000-20000
    winbind gid = 10000-20000
    winbind use default domain = yes
    winbind enum users = yes
    winbind enum groups = yes

[homes]
    guest ok = no
    browseable = no

[temp]
    path = /tmp
    public = yes
  1. [global]
  2.     netbios name = server
  3.     idmap uid = 10000-20000
  4.     workgroup = mydomain.com
  5.     os level = 20
  6.     preferred master = no
  7.     encrypt passwords = true
  8.     password server = server.mydomain.com
  9.     security = domain
  10.     winbind separator = +
  11.     dns proxy = no
  12.     realm = mydomain.com
  13.     winbind uid = 10000-20000
  14.     winbind gid = 10000-20000
  15.     winbind use default domain = yes
  16.     winbind enum users = yes
  17.     winbind enum groups = yes
  19. [homes]
  20.     guest ok = no
  21.     browseable = no
  23. [temp]
  24.     path = /tmp
  25.     public = yes


and my /etc/nsswitch looks like this

Code: [ Select ]
passwd: compat winbind
group: compat winbind

hosts:     files dns
networks:    files dns

services:    files
protocols:   files
rpc:      files
ethers:     files
netmasks:    files
netgroup:    files
publickey:   files
  1. passwd: compat winbind
  2. group: compat winbind
  4. hosts:     files dns
  5. networks:    files dns
  7. services:    files
  8. protocols:   files
  9. rpc:      files
  10. ethers:     files
  11. netmasks:    files
  12. netgroup:    files
  13. publickey:   files


Can anyone see where I may be going wrong here?

Thank you
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post November 26th, 2004, 12:18 pm

  • schase02
  • Newbie
  • Newbie
  • No Avatar
  • Joined: Nov 10, 2004
  • Posts: 14
  • Status: Offline

Post November 26th, 2004, 2:26 pm

looks like I got it,

I redid my krb5.conf file to show

Code: [ Select ]
[libdefaults]
    default_realm = MYDOMAIN.COM

[realms]
    MYDOMAIN.COM = {
        kdc = SERVER.MYDOMAIN.COM
        default_domain = MYDOMAIN.COM
    }

[domain_realm]
    .mydomain.com = MYDOMAIN.COM
    mydomain.com = MYDOMAIN.COM
  1. [libdefaults]
  2.     default_realm = MYDOMAIN.COM
  4. [realms]
  5.     MYDOMAIN.COM = {
  6.         kdc = SERVER.MYDOMAIN.COM
  7.         default_domain = MYDOMAIN.COM
  8.     }
  10. [domain_realm]
  11.     .mydomain.com = MYDOMAIN.COM
  12.     mydomain.com = MYDOMAIN.COM


and rebooted the suse machine
worked that time.
  • paulgdaniel
  • Born
  • Born
  • No Avatar
  • Joined: Jul 13, 2007
  • Posts: 1
  • Status: Offline

Post July 13th, 2007, 7:48 am

I joined this forum just to say YOU ARE A LEGEND. I have been fighting this problem for a day and a half now, and changing my krb5.conf to the format you laid out fixed everything!

I was connecting a Scientific Linux box to a 2003 PDC, using samba, krb5, and winbind. I set this up in Ubuntu in about 10 minutes, and copied over the config files to SL, thinking all would be good. Damn my sweet innocence for thinking one setup would work on all Linux boxes...

Thanks again.

Page 1 of 1

Post Information

  • Total Posts in this topic: 3 posts
  • Users browsing this forum: No registered users and 59 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.