I am trying to get WinBind working against Windows 2000 ADS. I am following the document http://de.samba.org/samba/devel/docs/html/winbind.html. I have successfully joined the samba server to the PDC domain. /usr/local/samba/bin/net join -S PDC -U Administrator The winbindd starts successfully however when I try to use wbinfo -u it returns. [root@jerry root]# /usr/local/samba/bin/wbinfo -u Error looking up domain users And the /usr/local/samba/var/log.winbindd log file contains the below. [2003/06/16 14:57:03, 1] nsswitch/winbindd_util.c:add_trusted_domain(138) Added domain AU.MYDOMAIN.COM [2003/06/16 14:57:03, 1] nsswitch/winbindd_util.c:init_domain_list(214) Could not fetch sid for our domain AU.MYDOMAIN.COM My samba.conf is [root@jerry lib]# cat smb.conf [global] winbind separator = + winbind uid = 10000-20000 winbind gid = 10000-20000 winbind enum users = yes winbind enum groups = yes workgroup = AU.MYDOMAIN.COM security = domain password server = myad01 Can anybody advise why this is not working. -- Brett Hales <brett.hales@baesystems.com>
Patrik Gustavsson PS Sweden Senior Technical Consultant
2003-Jun-16 08:26 UTC
[Samba] WinBind - 3.0.0beta1
What I did for getting winbind to work with Windows 2003 ADS.
1) Compiled Samba with both kerberos and ldap support.
If you don't do this it will not work.
2) Configure kerberos klient on your server.
3) Then I ran net ads JOIN -U administrator
My smb.conf
# Global parameters
[global]
workgroup = SAMBA-NET
password server = *
ads server = w2003server
realm = TEST.SE
netbios name = SAMBA
server string = Samba (%v) domain (%h)
interfaces = hahostix1/255.255.0.0
bind interfaces only = Yes
security = ads
private dir = /global/mnt1/SAMBA/private
log file = /global/mnt1/SAMBA/logs/logfile
lock dir = /global/mnt1/SAMBA/locks
pid directory = /global/mnt1/SAMBA/var/locks
idmap uid = 10000-20000
idmap gid = 10000-20000
template homedir = /global/mnt1/SAMBA/home/%D/%U
template shell = /bin/sh
winbind use default domain = Yes
wins server = w2003server
Brett Hales wrote:
>I am trying to get WinBind working against Windows 2000 ADS.
>
>I am following the document
>http://de.samba.org/samba/devel/docs/html/winbind.html.
>
>I have successfully joined the samba server to the PDC domain.
>
>/usr/local/samba/bin/net join -S PDC -U Administrator
>
>The winbindd starts successfully however when I try to use wbinfo -u it
>returns.
>
>[root@jerry root]# /usr/local/samba/bin/wbinfo -u
>Error looking up domain users
>
>And the /usr/local/samba/var/log.winbindd log file contains the below.
>
>[2003/06/16 14:57:03, 1]
>nsswitch/winbindd_util.c:add_trusted_domain(138) Added domain
>AU.MYDOMAIN.COM
>[2003/06/16 14:57:03, 1] nsswitch/winbindd_util.c:init_domain_list(214)
>Could not fetch sid for our domain AU.MYDOMAIN.COM
>
>My samba.conf is
>[root@jerry lib]# cat smb.conf
>[global]
>winbind separator = +
>winbind uid = 10000-20000
>winbind gid = 10000-20000
>winbind enum users = yes
>winbind enum groups = yes
>workgroup = AU.MYDOMAIN.COM
>security = domain
>password server = myad01
>
>
>Can anybody advise why this is not working.
>
>
>
>
--
"In a world without fences who needs Gates"
Patrik Gustavsson, Senior Technical Consultant
patrik.gustavsson@sun.com Telephone: +46 60 671540
http://glen.sweden Mobile: +46 70 3551040
SUN MICROSYSTEMS Fax: +46 60 671550
--------------------------------------------------------------
Maybe Matching Threads
- Strange UID/GID mapping in Samba-3beta1 and Win2003 server
- Got strange message when using wbinfo/winbind on Samba-3 beta3
- Problems joining W2003 PDC with Samba 3.0 alpha 24
- Something is broken in Samba3.0-rc2 compared to Samba3.0-rc1
- dual smb/nmb for interfaces