Дорофеев Михаил Сергеевич
2004-Feb-05 04:11 UTC
[Samba] idmap uid range 10000-20000: pam_winbind does NOT work ?
Hi all! Again, unexpected behaviour! When I set in smb.conf idmap uid = 10000-20000 idmap gid = 10000-20000 I CAN change and SEE domain users ang groups as I change the owner of a file on Unix: chown domain+user ./test.txt chgrp domain+group ./test.txt ls -l /tmp -rw-r--r-- 1 user group 0 Feb 4 20:25 test.txt <- I SEE DOMAIN USER AND GROUP BUT I'm NOT able to telnet or ftp to my Unix server!!! Otherwise, when I set idmap uid = 1000-2000 idmap gid = 1000-2000 I CAN telnet or FTP to my Unix server using domain accounts but if I chown or chgrp I DO NOT see domain users an groups... In debug.log I see: ...................... Feb 5 08:42:30 as08-tmn smbd[20403]: [ID 702911 daemon.warning] [2004/02/05 08:42:30, 1] smbd/service.c:make_connection_snum(705) Feb 5 08:42:30 as08-tmn smbd[20403]: [ID 702911 daemon.warning] wxpdorofeevms (10.81.1.254) connect to service tmp initially as user TMN+dorofeevms (uid=10000, gid=10000) (pid 20403) Feb 5 08:42:31 as08-tmn named[144]: [ID 873579 daemon.debug] clientmgr @18d098: createclients Feb 5 08:42:31 as08-tmn named[144]: [ID 873579 daemon.debug] clientmgr @18d098: recycle Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.info] [2004/02/05 08:42:37, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(232) Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.info] [20407]: request interface version Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.info] [2004/02/05 08:42:37, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(268) Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.info] [20407]: request location of privileged pipe Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.debug] [2004/02/05 08:42:37, 5] nsswitch/winbindd.c:winbind_client_read(464) Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.debug] read failed on sock 22, pid 20407: EOF Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.info] [2004/02/05 08:42:37, 3] nsswitch/winbindd_group.c:winbindd_getgrgid(339) Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.info] [20407]: getgrgid 10000 Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.debug] [2004/02/05 08:42:37, 5] nsswitch/winbindd.c:winbind_client_read(464) Feb 5 08:42:37 as08-tmn winbindd[20354]: [ID 702911 daemon.debug] read failed on sock 23, pid 20407: EOF ...................... What might be the problem ? Sincerely yours, Mike
Apparently Analagous Threads
- idmap uid range 10000-20000: pam_winbind does NOT wor k ?
- user granted access, but still no shell prompt
- Telnet to samba box does NOT work: wb_getgrgid: failed to locate gid == 1000
- PAM (winbind?) auth still does NOT work on Solaris 9
- W2K AD domain join success, wbinfo -t error - question