thr3ads.net - samba - [Samba] Problems with Ad and Winbind [Jun 2003]

If this information is useful, please help other people find it:
Share via:

Schwarz Frank

2003-Jun-27 07:04 UTC

[Samba] Problems with Ad and Winbind

Hi folks,

I'm using Samba 3beta running on RH 8.0 and I'd like to authentificate
against a Microsoft AD. This all works very well, except to the fact that not
ALL AD Users are mapped to my Unixbox!

When starting getent passwd, my UnixBox shows just my User from passwd and some
of the AD User - not all!! Looking through my User with the command wbinfo -u
all AD users are shown correctly!

Anybody knowing any workaround?

Attached I'm sending my setups.


my smb.conf:

[global]
        workgroup = ***
        realm = *****
        ADS server = DE4A068C.ffm.sbs.de
        server string = Samba ADS
        security = ADS
        password server = *****
        #passdb backend = smbpasswd
        algorithmic rid base = 100000
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        encrypt passwords = yes
        log file = /usr/local/samba/var/%m.log
        log level = 10
        max log size = 100000
        domain logons = yes
        ldap ssl = no
        idmap uid = 1000-200000
        idmap gid = 1000-200000
        template shell = /bin/false
        template homedir = /home/%D/%U
        winbind cache time = 1
        #'winbind gid = 20001 - 30000
        #winbind uid = 20001 - 30000
        winbind separator =*
        winbind enum groups = yes
        winbind enum users = yes
        unix password sync = Yes

extract from winbindd.log when trying getent passwd - User Sascha is shown but
mapping of Hugo fails. Hugo is a valid User in the AD!


[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_getpwent(511)
  could not lookup domain user hugo
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(219)
  sid_to_uid: sid = [S-1-5-21-484763869-1563985344-1343024091-1313]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(245)
  sid_to_uid: Fall back to algorithmic mapping
[2003/06/26 14:04:39, 3] sam/idmap_util.c:sid_to_uid(248)
  sid_to_uid: SID S-1-5-21-484763869-1563985344-1343024091-1313 is *NOT* a user
[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(46)
  error getting user id for sid S-1-5-21-484763869-1563985344-1343024091-1313

[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_getpwent(511)
  could not lookup domain user sascha
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(219)
  sid_to_uid: sid = [S-1-5-21-484763869-1563985344-1343024091-1337]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(231)
  sid_to_uid: uid = [10006]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_gid(277)
  sid_to_gid: sid = [S-1-5-21-484763869-1563985344-1343024091-513]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_gid(289)
  sid_to_gid: gid = [30000]

****************************************************



Best regards/Mit freundlichem Gru?

Frank Schwarz
Siemens Business Services GmbH & Co. OhG
ORS GD SIM
Lyoner Stra?e 27

60528 Frankfurt

Tel.: +49 69 6682 5470

Apparently Analagous Threads

Search for more maybe matching threads

samba - Jun 2003 - Problems with Ad and Winbind

[Samba] Problems with Ad and Winbind

Apparently Analagous Threads

Wisdom of the Ancients