Hi, I'm switching between two domains, and I need to make a couple of Linux+Samba machines provide the same shares in both domains. I've set up two sambas in the same machine, listening on different subinterfaces, but I can't make winbind to behave properly. As soon as I start the second winbind, the domain accounts provided by the first one become hidden (that is, 'getent passwd' only shows the second domain). I found both winbinds use the same UNIX socket/pipe. I found no way to choose the socket used, or to make winbind share the socket, neither in the configure script nor in the daemon options. Does anyone know how to work around this? I use samba 2.2.3. netstat -nap | grep winbindd shows this (.200 and .209 are the PDCs): tcp 0 0 192.168.0.242:32918 192.168.0.200:445 ESTABLISHED 24619/winbindd tcp 0 0 192.168.0.242:32917 192.168.0.200:445 ESTABLISHED 24619/winbindd tcp 0 0 192.168.0.242:32925 192.168.0.209:445 ESTABLISHED 24905/winbindd unix 2 [ ACC ] STREAM LISTENING 114109 24619/winbindd /tmp/.winbindd/pipe unix 2 [ ACC ] STREAM LISTENING 120740 24905/winbindd /tmp/.winbindd/pipe Yours, Fernando del Valle
-----Original Message----- From: samba-bounces+alexandrum=home.ro@lists.samba.org [mailto:samba-bounces+alexandrum=home.ro@lists.samba.org] On Behalf Of Fernando del Valle Sent: 25 iunie 2003 19:22 To: samba@lists.samba.org Subject: [Samba] Two winbinds in one machine? Hi, I'm switching between two domains, and I need to make a couple of Linux+Samba machines provide the same shares in both domains. I've set up two sambas in the same machine, listening on different subinterfaces, but I can't make winbind to behave properly. As soon as I start the second winbind, the domain accounts provided by the first one become hidden (that is, 'getent passwd' only shows the second domain). I found both winbinds use the same UNIX socket/pipe. I found no way to choose the socket used, or to make winbind share the socket, neither in the configure script nor in the daemon options. Does anyone know how to work around this? I use samba 2.2.3. Why don't you use 2 different Linux boxes each one acting as a domain controller?
On Thu, 2003-06-26 at 02:21, Fernando del Valle wrote:> Hi, > > I'm switching between two domains, and I need to make a couple of > Linux+Samba machines provide the same shares in both domains. I've set up > two sambas in the same machine, listening on different subinterfaces, but I > can't make winbind to behave properly. As soon as I start the second > winbind, the domain accounts provided by the first one become hidden (that > is, 'getent passwd' only shows the second domain). I found both winbinds use > the same UNIX socket/pipe. I found no way to choose the socket used, or to > make winbind share the socket, neither in the configure script nor in the > daemon options. Does anyone know how to work around this? > > I use samba 2.2.3.Not really, the path /tmp/.winbind/pipe is encoded in the nss_winbidn client lib - which does not know how to use both. A chroot() for both smbds would be as good as you could get. You should not be using 2.2.3 anyway, due to *major* security issues in Samba < 2.2.8a. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20030626/12098809/attachment.bin