Hi Rowland,
I did. Unfortunately something is still amiss. I do receive a
response from 'getent group domain users'(users:x:100).
On 12/31/2014 12:26 PM, Rowland Penny wrote:> On 31/12/14 17:23, James wrote:
>> Rowland,
>>
>> I set a user with a uid and domain users group with a gid but
I'm
>> still unable to view them using 'id'. I do notice a few strange
>> observations. If I go to another user to attempt to assign a uid. I
>> get the default value of 10000. I would expect 2001 given I set the
>> first user with uid 2000. Groups however appear to increment.
>>
>> On 12/31/2014 10:52 AM, Rowland Penny wrote:
>>> On 31/12/14 15:42, James wrote:
>>>> Hello Stefan,
>>>>
>>>> I learned the hard way about .local. I understand going
forward.
>>>>
>>>> I do have an issue with the member server. Following along with
the
>>>> wiki I get stuck at 'Testing the Winbind user/group
mapping'.
>>>> Wbinfo works as expected but not
>>>>
>>>> #*id DomainUser*
>>>>
>>>> #*getent passwd*
>>>>
>>>> #*getent group*
>>>>
>>>> #*chown DomainUser:DomainGroup file*
>>>>
>>>> #*chgrp DomainGroup file*
>>>>
>>>> etc.
>>>>
>>>> I receive 'id: sambauser: No such user'. It will only
retrieve
>>>> local machine users. Let me preface by saying this is a Ubuntu
>>>> 12.04 server with Samba 4.1.14. Thanks.
>>>>
>>>> On 12/31/2014 10:00 AM, Stefan Kania wrote:
>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>> Hash: SHA1
>>>>>
>>>>> Hello James,
>>>>>
>>>>> Am 31.12.2014 um 15:48 schrieb James:> Hello,
>>>>>> I'm following along with the wiki(Setup a Samba AD
Member Server)
>>>>>> and I have a question after reading the 'Set up a
basic smb.conf'
>>>>>> section.
>>>>> Please show us your smb.conf
>>>>>
>>>>> Do I need to extend the schema in order for my member
server to
>>>>>> successfully join and service file shares?
>>>>> No, you dont have to.
>>>>>
>>>>> Do I need to configure a
>>>>>> krb5.conf file? Thanks.
>>>>> If your DC is a samba4 DC just copy krb5.conf to your new
>>>>> memberserver
>>>>> Stefan
>>>>>
>>>>> - -- Stefan Kania
>>>>> Landweg 13
>>>>> 25693 St. Michaelisdonn
>>>>>
>>>>>
>>>>> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren
Sie ihre
>>>>> E-Mail. Weiter Informationen unter http://www.gnupg.org
>>>>>
>>>>> Mein Schl?ssel liegt auf
>>>>>
>>>>> hkp://subkeys.pgp.net
>>>>>
>>>>> -----BEGIN PGP SIGNATURE-----
>>>>> Version: GnuPG v1
>>>>>
>>>>>
iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7
>>>>> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN
>>>>> =SOSt
>>>>> -----END PGP SIGNATURE-----
>>>>
>>>
>>> If you followed the wiki, you will be using the 'ad'
backend. For
>>> this to work, you need to add 'uidNumber' attributes to
your users
>>> and a 'gidNumber' attribute to at least the Domain Users
group. the
>>> numbers that you add must be between the range you set in your
>>> smb.conf, again if you followed the wiki, this will be between
>>> 500-40000.
>>>
>>> Rowland
>>
>
> You have restarted samba, haven't you ?
> You may have to wait a short time, or clear the cache with 'net cache
> flush'
>
> Rowland
>
--
-James
On 31/12/14 17:55, James wrote:> Hi Rowland, > > I did. Unfortunately something is still amiss. I do receive a > response from 'getent group domain users'(users:x:100). > > On 12/31/2014 12:26 PM, Rowland Penny wrote: >> On 31/12/14 17:23, James wrote: >>> Rowland, >>> >>> I set a user with a uid and domain users group with a gid but >>> I'm still unable to view them using 'id'. I do notice a few strange >>> observations. If I go to another user to attempt to assign a uid. I >>> get the default value of 10000. I would expect 2001 given I set the >>> first user with uid 2000. Groups however appear to increment. >>> >>> On 12/31/2014 10:52 AM, Rowland Penny wrote: >>>> On 31/12/14 15:42, James wrote: >>>>> Hello Stefan, >>>>> >>>>> I learned the hard way about .local. I understand going forward. >>>>> >>>>> I do have an issue with the member server. Following along with >>>>> the wiki I get stuck at 'Testing the Winbind user/group mapping'. >>>>> Wbinfo works as expected but not >>>>> >>>>> #*id DomainUser* >>>>> >>>>> #*getent passwd* >>>>> >>>>> #*getent group* >>>>> >>>>> #*chown DomainUser:DomainGroup file* >>>>> >>>>> #*chgrp DomainGroup file* >>>>> >>>>> etc. >>>>> >>>>> I receive 'id: sambauser: No such user'. It will only retrieve >>>>> local machine users. Let me preface by saying this is a Ubuntu >>>>> 12.04 server with Samba 4.1.14. Thanks. >>>>> >>>>> On 12/31/2014 10:00 AM, Stefan Kania wrote: >>>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>>> Hash: SHA1 >>>>>> >>>>>> Hello James, >>>>>> >>>>>> Am 31.12.2014 um 15:48 schrieb James:> Hello, >>>>>>> I'm following along with the wiki(Setup a Samba AD Member Server) >>>>>>> and I have a question after reading the 'Set up a basic smb.conf' >>>>>>> section. >>>>>> Please show us your smb.conf >>>>>> >>>>>> Do I need to extend the schema in order for my member server to >>>>>>> successfully join and service file shares? >>>>>> No, you dont have to. >>>>>> >>>>>> Do I need to configure a >>>>>>> krb5.conf file? Thanks. >>>>>> If your DC is a samba4 DC just copy krb5.conf to your new >>>>>> memberserver >>>>>> Stefan >>>>>> >>>>>> - -- Stefan Kania >>>>>> Landweg 13 >>>>>> 25693 St. Michaelisdonn >>>>>> >>>>>> >>>>>> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre >>>>>> E-Mail. Weiter Informationen unter http://www.gnupg.org >>>>>> >>>>>> Mein Schl?ssel liegt auf >>>>>> >>>>>> hkp://subkeys.pgp.net >>>>>> >>>>>> -----BEGIN PGP SIGNATURE----- >>>>>> Version: GnuPG v1 >>>>>> >>>>>> iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7 >>>>>> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN >>>>>> =SOSt >>>>>> -----END PGP SIGNATURE----- >>>>> >>>> >>>> If you followed the wiki, you will be using the 'ad' backend. For >>>> this to work, you need to add 'uidNumber' attributes to your users >>>> and a 'gidNumber' attribute to at least the Domain Users group. the >>>> numbers that you add must be between the range you set in your >>>> smb.conf, again if you followed the wiki, this will be between >>>> 500-40000. >>>> >>>> Rowland >>> >> >> You have restarted samba, haven't you ? >> You may have to wait a short time, or clear the cache with 'net cache >> flush' >> >> Rowland >> >OK, can you post the 'passwd' & 'group' lines from /etc/nsswitch Do you get anything from 'getent passwd <a domain user>' Rowland
Hi Rowland,
passwd: compat winbind
group: compat winbind
'getent passwd tuser' results in a blank terminal line.
On 12/31/2014 1:12 PM, Rowland Penny wrote:> On 31/12/14 17:55, James wrote:
>> Hi Rowland,
>>
>> I did. Unfortunately something is still amiss. I do receive a
>> response from 'getent group domain users'(users:x:100).
>>
>> On 12/31/2014 12:26 PM, Rowland Penny wrote:
>>> On 31/12/14 17:23, James wrote:
>>>> Rowland,
>>>>
>>>> I set a user with a uid and domain users group with a gid
but
>>>> I'm still unable to view them using 'id'. I do
notice a few strange
>>>> observations. If I go to another user to attempt to assign a
uid. I
>>>> get the default value of 10000. I would expect 2001 given I set
the
>>>> first user with uid 2000. Groups however appear to increment.
>>>>
>>>> On 12/31/2014 10:52 AM, Rowland Penny wrote:
>>>>> On 31/12/14 15:42, James wrote:
>>>>>> Hello Stefan,
>>>>>>
>>>>>> I learned the hard way about .local. I understand
going forward.
>>>>>>
>>>>>> I do have an issue with the member server. Following
along with
>>>>>> the wiki I get stuck at 'Testing the Winbind
user/group mapping'.
>>>>>> Wbinfo works as expected but not
>>>>>>
>>>>>> #*id DomainUser*
>>>>>>
>>>>>> #*getent passwd*
>>>>>>
>>>>>> #*getent group*
>>>>>>
>>>>>> #*chown DomainUser:DomainGroup file*
>>>>>>
>>>>>> #*chgrp DomainGroup file*
>>>>>>
>>>>>> etc.
>>>>>>
>>>>>> I receive 'id: sambauser: No such user'. It
will only retrieve
>>>>>> local machine users. Let me preface by saying this is a
Ubuntu
>>>>>> 12.04 server with Samba 4.1.14. Thanks.
>>>>>>
>>>>>> On 12/31/2014 10:00 AM, Stefan Kania wrote:
>>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>>>> Hash: SHA1
>>>>>>>
>>>>>>> Hello James,
>>>>>>>
>>>>>>> Am 31.12.2014 um 15:48 schrieb James:> Hello,
>>>>>>>> I'm following along with the wiki(Setup a
Samba AD Member Server)
>>>>>>>> and I have a question after reading the
'Set up a basic smb.conf'
>>>>>>>> section.
>>>>>>> Please show us your smb.conf
>>>>>>>
>>>>>>> Do I need to extend the schema in order for my
member server to
>>>>>>>> successfully join and service file shares?
>>>>>>> No, you dont have to.
>>>>>>>
>>>>>>> Do I need to configure a
>>>>>>>> krb5.conf file? Thanks.
>>>>>>> If your DC is a samba4 DC just copy krb5.conf to
your new
>>>>>>> memberserver
>>>>>>> Stefan
>>>>>>>
>>>>>>> - -- Stefan Kania
>>>>>>> Landweg 13
>>>>>>> 25693 St. Michaelisdonn
>>>>>>>
>>>>>>>
>>>>>>> Signieren jeder E-Mail hilft Spam zu reduzieren.
Signieren Sie ihre
>>>>>>> E-Mail. Weiter Informationen unter
http://www.gnupg.org
>>>>>>>
>>>>>>> Mein Schl?ssel liegt auf
>>>>>>>
>>>>>>> hkp://subkeys.pgp.net
>>>>>>>
>>>>>>> -----BEGIN PGP SIGNATURE-----
>>>>>>> Version: GnuPG v1
>>>>>>>
>>>>>>>
iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7
>>>>>>> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN
>>>>>>> =SOSt
>>>>>>> -----END PGP SIGNATURE-----
>>>>>>
>>>>>
>>>>> If you followed the wiki, you will be using the
'ad' backend. For
>>>>> this to work, you need to add 'uidNumber'
attributes to your users
>>>>> and a 'gidNumber' attribute to at least the Domain
Users group.
>>>>> the numbers that you add must be between the range you set
in your
>>>>> smb.conf, again if you followed the wiki, this will be
between
>>>>> 500-40000.
>>>>>
>>>>> Rowland
>>>>
>>>
>>> You have restarted samba, haven't you ?
>>> You may have to wait a short time, or clear the cache with 'net
>>> cache flush'
>>>
>>> Rowland
>>>
>>
> OK, can you post the 'passwd' & 'group' lines from
/etc/nsswitch
>
> Do you get anything from 'getent passwd <a domain user>'
>
> Rowland
>
--
-James