Jhon P
2015-Mar-22 21:55 UTC
[Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
The locate libnss_winbind.so display. /lib/libnss_winbind.so /lib/libnss_winbind.so.2 /lib/x86_64-linux-gnu/libnss_winbind.so /lib/x86_64-linux-gnu/libnss_winbind.so.2 /lib64/libnss_winbind.so /lib64/libnss_winbind.so2 /usr/lib/x86_64-linux-gnu/libnss_winbind.so /usr/lib/x86_64-linux-gnu/libnss_winbind.so.2 /usr/local/samba/lib/libnss_winbind.so /usr/local/samba/lib/libnss_winbind.so.2 /usr/src/samba4/bin/shared/libnss_winbind.so.2> From: patocius at hotmail.com > To: rowlandpenny at googlemail.com; samba at lists.samba.org > Date: Sun, 22 Mar 2015 20:04:52 +0000 > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes > > Even "getent" does not show me the domain users. > > Yes, im rember, im install sernet version the first time, after im uninstall it. > As we know? if the version of winbind is correct and if the samba daemon running. > > > Regards > > > Date: Sat, 21 Mar 2015 18:36:13 +0000 > > From: rowlandpenny at googlemail.com > > To: samba at lists.samba.org > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes > > > > On 21/03/15 18:08, Jhon P wrote: > > > Ready changed what you asked me and restart the samba service. > > > Yet I only see the UID instead of domain users. :-/ > > > > > > One question. > > > > > > I do not see the service "winbind or winbindd" running, is this correct. > > > I can not find it in init.d > > > > > > Also "wbinfo -u" Show me the domain users. > > > > > > Thanks for helpme, sorry for noob question. > > > > > > > Date: Sat, 21 Mar 2015 09:00:37 +0000 > > > > From: rowlandpenny at googlemail.com > > > > To: samba at lists.samba.org > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > On 21/03/15 00:10, Jhon P wrote: > > > > > Now I realized what the documentation says, sucessfull. > > > > > > > > > > I returned to run the above command and these results changed. > > > > > > > > > > Change the settings of smb.conf, now looks: > > > > > > > > > > [global] > > > > > workgroup = KENNEDY > > > > > realm = kennedy.edu > > > > > netbios name = PROTEUS > > > > > server role = active directory domain controller > > > > > dns forwarder = 200.40.220.245 > > > > > allow dns updates = nonsecure and secure > > > > > server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > > > > > winbind, ntp_signd, kcc, dnsupdate, dns, smb > > > > > dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, > > > > > netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, > > > > > eventlog6, backupkey, dnsserver, winreg, srvsvc > > > > > > > > > > idmap_ldb:use rfc2307 = yes > > > > > #winbind use default domain = yes > > > > > #winbind enum users = yes > > > > > #winbind enum groups = yes > > > > > #winbind nested groups = yes > > > > > log level = 3 > > > > > log file = /var/log/samba/samba.log > > > > > # unix charset = ISO8859-1 > > > > > > > > > > #[netlogon antes] > > > > > #path = /usr/local/samba/var/locks/sysvol/kennedy.edu/scripts > > > > > #read only = No > > > > > > > > > > > > > > > Start of service. > > > > > > > > > > But I did not change anything is still showing me the UID instead of > > > > > domain name, :-/ . > > > > > > > > > > > Date: Fri, 20 Mar 2015 21:46:58 +0000 > > > > > > From: rowlandpenny at googlemail.com > > > > > > To: samba at lists.samba.org > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > On 20/03/15 21:19, Jhon P wrote: > > > > > > > Im think not provisioned with provisioned with '--use-rfc2307' > > > > > > > > > > > > > > root at proteus:~# ldbsearch -H /usr/local/samba/private/sam.ldb -b > > > > > > > 'dc=kennedy,dc=edu' -s sub '(objectclass=msSFU30DomainInfo)' > > > > > > > GENSEC backend 'gssapi_spnego' registered > > > > > > > GENSEC backend 'gssapi_krb5' registered > > > > > > > GENSEC backend 'gssapi_krb5_sasl' registered > > > > > > > GENSEC backend 'schannel' registered > > > > > > > GENSEC backend 'spnego' registered > > > > > > > GENSEC backend 'ntlmssp' registered > > > > > > > GENSEC backend 'krb5' registered > > > > > > > GENSEC backend 'fake_gssapi_krb5' registered > > > > > > > # Referral > > > > > > > ref: ldap://kennedy.edu/CN=Configuration,DC=kennedy,DC=edu > > > > > > > > > > > > > > # Referral > > > > > > > ref: ldap://kennedy.edu/DC=DomainDnsZones,DC=kennedy,DC=edu > > > > > > > > > > > > > > # Referral > > > > > > > ref: ldap://kennedy.edu/DC=ForestDnsZones,DC=kennedy,DC=edu > > > > > > > > > > > > > > # returned 3 records > > > > > > > # 0 entries > > > > > > > # 3 referrals > > > > > > > > > > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 20:55:24 +0000 > > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > > To: samba at lists.samba.org > > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > > domain user > > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > > > On 20/03/15 20:39, Jhon P wrote: > > > > > > > > > OK, i try removing this block, and add the line. > > > > > > > > > Restart samba but nothing happends. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 20:01:04 +0000 > > > > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > > > > To: samba at lists.samba.org > > > > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > > > > domain user > > > > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > > > > > > > On 20/03/15 19:47, Jhon P wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Yes im have a file: > > > > > > > > > > > > > > > > > > > > > > -rw-r--r-- 1 root root 19K Jan 10 2014 libnss_winbind.so.2 > > > > > > > > > > > > > > > > > > > > > > My pam: > > > > > > > > > > > PAM profiles to enable: > > > > > > > > > > > ? [*] Unix authentication > > > > > > > > > > > ? [*] Winbind NT/Active Directory authentication > > > > > > > > > > > ? [ ] ConsoleKit Session Management > > > > > > > > > > > ? [ ] Inheritable Capabilities Management > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Date: Fri, 20 Mar 2015 18:21:57 +0000 > > > > > > > > > > >> From: rowlandpenny at googlemail.com > > > > > > > > > > >> To: samba at lists.samba.org > > > > > > > > > > >> Subject: Re: [Samba] Samba 4.1 gentent, ls, no > > > display domain > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > >> > > > > > > > > > > >> On 20/03/15 17:32, Jhon P wrote: > > > > > > > > > > >>> I install samba 4.1 from > > > > > > > > > > >>> the sources. In Debian 7.0 "wheezy" > > > > > > > > > > >>> a year ago. > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> Thanks for responding. > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> From: patocius at hotmail.com > > > > > > > > > > >>> To: rowlandpenny at googlemail.com > > > > > > > > > > >>> Subject: RE: [Samba] Samba 4.1 gentent, ls, no display > > > > > domain > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > >>> Date: Fri, 20 Mar 2015 17:28:05 +0000 > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> > > > > > > > > > > >>> I install samba 4.1 from the sources. In Debian 7.0 > > > > > "wheezy" a > > > > > > > > > year ago. > > > > > > > > > > >>> > > > > > > > > > > >>> Thanks for responding. > > > > > > > > > > >>> > > > > > > > > > > >>> Patocius > > > > > > > > > > >>> > > > > > > > > > > >>>> Date: Fri, 20 Mar 2015 17:15:50 +0000 > > > > > > > > > > >>>> From: rowlandpenny at googlemail.com > > > > > > > > > > >>>> To: samba at lists.samba.org > > > > > > > > > > >>>> Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > > > > domain > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > >>>> > > > > > > > > > > >>>> On 20/03/15 16:58, Jhon P wrote: > > > > > > > > > > >>>>> Hello friends: > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> I hope you can help me with this I'm struggling a > > > year ago > > > > > > > > > > >>>>> After breaking my head migrating a server with > > > Samba Samba > > > > > > > 2.1 > > > > > > > > > to 4.1 all stay perfect and functional. > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> All files are in this domain controller for now, and > > > > > then be > > > > > > > > > moved to a domain member, "the file server". > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> I configure the server as ADDC Samba 4.1 and up here > > > > > all went > > > > > > > > > well, the shares, the users, winbind, NetLogons, machines, > > > etc.But > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> When I have to use the "ls" on the terminal > > > display UID > > > > > > > > > command instead of domain user name. > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> -rwxrwx --- 1 root users 100K February 28, 2012 > > > > > protocolo.pdf > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 21K June 27, 2013 > > > proyecto.doc > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 21K June 21, 2013 Project > > > 3?.doc > > > > > > > > > > >>>>> drwxrwxr-x 2 3000085 4.0K users Mar 17 12:59 > > > PROYECTO.txt > > > > > > > > > > >>>>> -rwxrwxr-- 1 3000085 28K users Mar 12 12:11 > > > segundo.doc > > > > > > > Project > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 96K July 22, 2013 > > > > > recomendaciones.cls > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> If I run the "gentent" command only shows me posix > > > users. > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> Example: > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> daemon: x: 1: 1: daemon: / usr / sbin: / bin / sh > > > > > > > > > > >>>>> bin: x: 2: 2: bin: / bin: / bin / sh > > > > > > > > > > >>>>> sys: x: 3: 3: sys: / dev: / bin / sh > > > > > > > > > > >>>>> sync: x: 4: 65534: sync: / bin: / bin / sync > > > > > > > > > > >>>>> ... > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> But if I do, "wbinfo -u" > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> cupcakes > > > > > > > > > > >>>>> claudiap > > > > > > > > > > >>>>> johanao > > > > > > > > > > >>>>> agustinap > > > > > > > > > > >>>>> gabrielaa > > > > > > > > > > >>>>> .... > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> My nsswitch.conf > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> # /etc/nsswitch.conf > > > > > > > > > > >>>>> # > > > > > > > > > > >>>>> # Example configuration of GNU Name Service Switch > > > > > > > functionality. > > > > > > > > > > >>>>> # If you have the `glibc-doc-reference' and `info' > > > > > packages > > > > > > > > > installed, try: > > > > > > > > > > >>>>> # `info libc "Name Service Switch"' for > > > information about > > > > > > > this > > > > > > > > > file. > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> passwd: compat winbind > > > > > > > > > > >>>>> group: compat winbind > > > > > > > > > > >>>>> shadow: compat > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 > > > > > > > > > > >>>>> networks: files > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> protocols: db files > > > > > > > > > > >>>>> services: db files > > > > > > > > > > >>>>> ethers: db files > > > > > > > > > > >>>>> rpc: db files > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> netgroup: nis > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> My smb.conf > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> [global] > > > > > > > > > > >>>>> workgroup = PROTEUS > > > > > > > > > > >>>>> realm = proteus.local > > > > > > > > > > >>>>> netbios name = HARDCORE > > > > > > > > > > >>>>> server role = active directory domain controller > > > > > > > > > > >>>>> dns forwarder = 200.40.220.245 > > > > > > > > > > >>>>> allow dns updates = nonsecure and secure > > > > > > > > > > >>>>> server services = rpc, nbt, wrepl, ldap, cldap, kdc, > > > > > drepl, > > > > > > > > > winbind, ntp_signd, kcc, dnsupdate, dns, smb > > > > > > > > > > >>>>> dcerpc endpoint servers = epmapper, wkssvc, > > > rpcecho, samr, > > > > > > > > > netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, > > > browser, > > > > > > > > > eventlog6, backupkey, dnsserver, winreg, srvsvc > > > > > > > > > > >>>>> winbind enum users = yes > > > > > > > > > > >>>>> winbind enum groups = yes > > > > > > > > > > >>>>> winbind use default domain = yes > > > > > > > > > > >>>>> winbind nested groups = yes > > > > > > > > > > >>>>> log level = 3 > > > > > > > > > > >>>>> log file = /var/log/samba/samba.log > > > > > > > > > > >>>>> # unix charset = ISO8859-1 > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> I appreciate any help you can give me > > > > > > > > > > >>>>> > > > > > > > > > > >>>>> Regards. > > > > > > > > > > >>>>> > > > > > > > > > > >>>> How did you install samba4, did you compile it > > > yourself > > > > > or was > > > > > > > > > it from > > > > > > > > > > >>>> packages and on what OS. > > > > > > > > > > >>>> > > > > > > > > > > >>>> If you did compile it yourself, there is a couple > > > of links > > > > > > > that > > > > > > > > > will > > > > > > > > > > >>>> need creating and your users & groups will need to have > > > > > > > > > uidNumbers & > > > > > > > > > > >>>> gidNumbers. > > > > > > > > > > >>>> > > > > > > > > > > >>>> Rowland > > > > > > > > > > >>>> -- > > > > > > > > > > >>>> To unsubscribe from this list go to the following > > > URL and > > > > > > > read the > > > > > > > > > > >>>> instructions: > > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > >>> > > > > > > > > > > >> OK, have you got a link (or a file) > > > > > > > > > > >> /lib/x86_64-linux-gnu/libnss_winbind.so.2 ? > > > > > > > > > > >> > > > > > > > > > > >> What does 'pam-auth-update' show ? > > > > > > > > > > >> > > > > > > > > > > >> Rowland > > > > > > > > > > >> > > > > > > > > > > >> -- > > > > > > > > > > >> To unsubscribe from this list go to the following URL and > > > > > > > read the > > > > > > > > > > >> instructions: > > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > OK, try removing this block from smb.conf on the DC: > > > > > > > > > > > > > > > > > > > > Winbind enum users = yes > > > > > > > > > > Winbind enum groups = yes > > > > > > > > > > Winbind use default domain = yes > > > > > > > > > > Winbind nested groups = yes > > > > > > > > > > > > > > > > > > > > Add: > > > > > > > > > > > > > > > > > > > > idmap_ldb:use rfc2307 = yes > > > > > > > > > > > > > > > > > > > > Rowland > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > To unsubscribe from this list go to the following URL and > > > > > read the > > > > > > > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > can you remember if you provisioned with '--use-rfc2307' ? > > > > > > > > > > > > > > > > If unsure, you can find out if the required schema extension is > > > > > > > > installed with: > > > > > > > > > > > > > > > > ldbsearch -H /usr/local/samba/private/sam.ldb -b > > > > > 'dc=example,dc=com' -s > > > > > > > > sub '(objectclass=msSFU30DomainInfo)' > > > > > > > > > > > > > > > > This relies on ldb-tools being installed normally, but as you > > > > > compiled > > > > > > > > samba yourself it should be available > > > > > > > > > > > > > > > > Rowland > > > > > > > > > > > > > > > > -- > > > > > > > > To unsubscribe from this list go to the following URL and > > > read the > > > > > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > have a look here: > > > > > > > > > > > > > > > > > > > > https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Extending_the_Schema_for_NIS_Extensions > > > > > > > > > > > > Rowland > > > > > > -- > > > > > > To unsubscribe from this list go to the following URL and read the > > > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > > > OK, you need one further change after adding the ypServ30.ldif, you > > > > need to change this: > > > > > > > > server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, > > > > ntp_signd, kcc, dnsupdate, dns, smb > > > > > > > > To this: > > > > > > > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > > > > winbind, ntp_signd, kcc, dnsupdate, dns > > > > > > > > Rowland > > > > > > > > -- > > > > To unsubscribe from this list go to the following URL and read the > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > OK, you have extended the schema as per the webpage link I posted, you > > are now using s3fs instead of ntvfs and have restarted samba, you should > > be able to get users with getent, did you have any version of samba > > installed before installing samba4 ? if so you could have the wrong > > libnss_winbind files in /lib > > > > As to your winbind question, If you are running any version of samba4 > > that is less than 4.2, winbind is built into the 'samba' daemon. With > > samba 4.2, the 'samba' daemon starts the 'winbindd' deamon instead. > > > > Rowland > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Rowland Penny
2015-Mar-22 22:24 UTC
[Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
On 22/03/15 21:55, Jhon P wrote:> The locate libnss_winbind.so display. > > /lib/libnss_winbind.so > /lib/libnss_winbind.so.2 > /lib/x86_64-linux-gnu/libnss_winbind.so > /lib/x86_64-linux-gnu/libnss_winbind.so.2 > /lib64/libnss_winbind.so > /lib64/libnss_winbind.so2 > /usr/lib/x86_64-linux-gnu/libnss_winbind.so > /usr/lib/x86_64-linux-gnu/libnss_winbind.so.2 > /usr/local/samba/lib/libnss_winbind.so > /usr/local/samba/lib/libnss_winbind.so.2 > /usr/src/samba4/bin/shared/libnss_winbind.so.2 > > > > From: patocius at hotmail.com > > To: rowlandpenny at googlemail.com; samba at lists.samba.org > > Date: Sun, 22 Mar 2015 20:04:52 +0000 > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > name on Primary ACDC but wbinfo -u yes > > > > Even "getent" does not show me the domain users. > > > > Yes, im rember, im install sernet version the first time, after im > uninstall it. > > As we know? if the version of winbind is correct and if the samba > daemon running. > > > > > > Regards > > > > > Date: Sat, 21 Mar 2015 18:36:13 +0000 > > > From: rowlandpenny at googlemail.com > > > To: samba at lists.samba.org > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > name on Primary ACDC but wbinfo -u yes > > > > > > On 21/03/15 18:08, Jhon P wrote: > > > > Ready changed what you asked me and restart the samba service. > > > > Yet I only see the UID instead of domain users. :-/ > > > > > > > > One question. > > > > > > > > I do not see the service "winbind or winbindd" running, is this > correct. > > > > I can not find it in init.d > > > > > > > > Also "wbinfo -u" Show me the domain users. > > > > > > > > Thanks for helpme, sorry for noob question. > > > > > > > > > Date: Sat, 21 Mar 2015 09:00:37 +0000 > > > > > From: rowlandpenny at googlemail.com > > > > > To: samba at lists.samba.org > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > On 21/03/15 00:10, Jhon P wrote: > > > > > > Now I realized what the documentation says, sucessfull. > > > > > > > > > > > > I returned to run the above command and these results changed. > > > > > > > > > > > > Change the settings of smb.conf, now looks: > > > > > > > > > > > > [global] > > > > > > workgroup = KENNEDY > > > > > > realm = kennedy.edu > > > > > > netbios name = PROTEUS > > > > > > server role = active directory domain controller > > > > > > dns forwarder = 200.40.220.245 > > > > > > allow dns updates = nonsecure and secure > > > > > > server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > > > > > > winbind, ntp_signd, kcc, dnsupdate, dns, smb > > > > > > dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, > > > > > > netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, > > > > > > eventlog6, backupkey, dnsserver, winreg, srvsvc > > > > > > > > > > > > idmap_ldb:use rfc2307 = yes > > > > > > #winbind use default domain = yes > > > > > > #winbind enum users = yes > > > > > > #winbind enum groups = yes > > > > > > #winbind nested groups = yes > > > > > > log level = 3 > > > > > > log file = /var/log/samba/samba.log > > > > > > # unix charset = ISO8859-1 > > > > > > > > > > > > #[netlogon antes] > > > > > > #path = /usr/local/samba/var/locks/sysvol/kennedy.edu/scripts > > > > > > #read only = No > > > > > > > > > > > > > > > > > > Start of service. > > > > > > > > > > > > But I did not change anything is still showing me the UID > instead of > > > > > > domain name, :-/ . > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 21:46:58 +0000 > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > To: samba at lists.samba.org > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > domain user > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > On 20/03/15 21:19, Jhon P wrote: > > > > > > > > Im think not provisioned with provisioned with > '--use-rfc2307' > > > > > > > > > > > > > > > > root at proteus:~# ldbsearch -H > /usr/local/samba/private/sam.ldb -b > > > > > > > > 'dc=kennedy,dc=edu' -s sub '(objectclass=msSFU30DomainInfo)' > > > > > > > > GENSEC backend 'gssapi_spnego' registered > > > > > > > > GENSEC backend 'gssapi_krb5' registered > > > > > > > > GENSEC backend 'gssapi_krb5_sasl' registered > > > > > > > > GENSEC backend 'schannel' registered > > > > > > > > GENSEC backend 'spnego' registered > > > > > > > > GENSEC backend 'ntlmssp' registered > > > > > > > > GENSEC backend 'krb5' registered > > > > > > > > GENSEC backend 'fake_gssapi_krb5' registered > > > > > > > > # Referral > > > > > > > > ref: ldap://kennedy.edu/CN=Configuration,DC=kennedy,DC=edu > > > > > > > > > > > > > > > > # Referral > > > > > > > > ref: ldap://kennedy.edu/DC=DomainDnsZones,DC=kennedy,DC=edu > > > > > > > > > > > > > > > > # Referral > > > > > > > > ref: ldap://kennedy.edu/DC=ForestDnsZones,DC=kennedy,DC=edu > > > > > > > > > > > > > > > > # returned 3 records > > > > > > > > # 0 entries > > > > > > > > # 3 referrals > > > > > > > > > > > > > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 20:55:24 +0000 > > > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > > > To: samba at lists.samba.org > > > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > > > domain user > > > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > > > > > On 20/03/15 20:39, Jhon P wrote: > > > > > > > > > > OK, i try removing this block, and add the line. > > > > > > > > > > Restart samba but nothing happends. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 20:01:04 +0000 > > > > > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > > > > > To: samba at lists.samba.org > > > > > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > > > > > domain user > > > > > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > > > > > > > > > On 20/03/15 19:47, Jhon P wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Yes im have a file: > > > > > > > > > > > > > > > > > > > > > > > > -rw-r--r-- 1 root root 19K Jan 10 2014 > libnss_winbind.so.2 > > > > > > > > > > > > > > > > > > > > > > > > My pam: > > > > > > > > > > > > PAM profiles to enable: > > > > > > > > > > > > ? [*] Unix authentication > > > > > > > > > > > > ? [*] Winbind NT/Active Directory authentication > > > > > > > > > > > > ? [ ] ConsoleKit Session Management > > > > > > > > > > > > ? [ ] Inheritable Capabilities Management > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Date: Fri, 20 Mar 2015 18:21:57 +0000 > > > > > > > > > > > >> From: rowlandpenny at googlemail.com > > > > > > > > > > > >> To: samba at lists.samba.org > > > > > > > > > > > >> Subject: Re: [Samba] Samba 4.1 gentent, ls, no > > > > display domain > > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > >> > > > > > > > > > > > >> On 20/03/15 17:32, Jhon P wrote: > > > > > > > > > > > >>> I install samba 4.1 from > > > > > > > > > > > >>> the sources. In Debian 7.0 "wheezy" > > > > > > > > > > > >>> a year ago. > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> Thanks for responding. > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> From: patocius at hotmail.com > > > > > > > > > > > >>> To: rowlandpenny at googlemail.com > > > > > > > > > > > >>> Subject: RE: [Samba] Samba 4.1 gentent, ls, no > display > > > > > > domain > > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > >>> Date: Fri, 20 Mar 2015 17:28:05 +0000 > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> > > > > > > > > > > > >>> I install samba 4.1 from the sources. In > Debian 7.0 > > > > > > "wheezy" a > > > > > > > > > > year ago. > > > > > > > > > > > >>> > > > > > > > > > > > >>> Thanks for responding. > > > > > > > > > > > >>> > > > > > > > > > > > >>> Patocius > > > > > > > > > > > >>> > > > > > > > > > > > >>>> Date: Fri, 20 Mar 2015 17:15:50 +0000 > > > > > > > > > > > >>>> From: rowlandpenny at googlemail.com > > > > > > > > > > > >>>> To: samba at lists.samba.org > > > > > > > > > > > >>>> Subject: Re: [Samba] Samba 4.1 gentent, ls, > no display > > > > > > domain > > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > >>>> > > > > > > > > > > > >>>> On 20/03/15 16:58, Jhon P wrote: > > > > > > > > > > > >>>>> Hello friends: > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> I hope you can help me with this I'm > struggling a > > > > year ago > > > > > > > > > > > >>>>> After breaking my head migrating a server with > > > > Samba Samba > > > > > > > > 2.1 > > > > > > > > > > to 4.1 all stay perfect and functional. > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> All files are in this domain controller for > now, and > > > > > > then be > > > > > > > > > > moved to a domain member, "the file server". > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> I configure the server as ADDC Samba 4.1 and > up here > > > > > > all went > > > > > > > > > > well, the shares, the users, winbind, NetLogons, > machines, > > > > etc.But > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> When I have to use the "ls" on the terminal > > > > display UID > > > > > > > > > > command instead of domain user name. > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> -rwxrwx --- 1 root users 100K February 28, 2012 > > > > > > protocolo.pdf > > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 21K June 27, 2013 > > > > proyecto.doc > > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 21K June 21, 2013 > Project > > > > 3?.doc > > > > > > > > > > > >>>>> drwxrwxr-x 2 3000085 4.0K users Mar 17 12:59 > > > > PROYECTO.txt > > > > > > > > > > > >>>>> -rwxrwxr-- 1 3000085 28K users Mar 12 12:11 > > > > segundo.doc > > > > > > > > Project > > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 96K July 22, 2013 > > > > > > recomendaciones.cls > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> If I run the "gentent" command only shows me > posix > > > > users. > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> Example: > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> daemon: x: 1: 1: daemon: / usr / sbin: / bin > / sh > > > > > > > > > > > >>>>> bin: x: 2: 2: bin: / bin: / bin / sh > > > > > > > > > > > >>>>> sys: x: 3: 3: sys: / dev: / bin / sh > > > > > > > > > > > >>>>> sync: x: 4: 65534: sync: / bin: / bin / sync > > > > > > > > > > > >>>>> ... > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> But if I do, "wbinfo -u" > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> cupcakes > > > > > > > > > > > >>>>> claudiap > > > > > > > > > > > >>>>> johanao > > > > > > > > > > > >>>>> agustinap > > > > > > > > > > > >>>>> gabrielaa > > > > > > > > > > > >>>>> .... > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> My nsswitch.conf > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> # /etc/nsswitch.conf > > > > > > > > > > > >>>>> # > > > > > > > > > > > >>>>> # Example configuration of GNU Name Service > Switch > > > > > > > > functionality. > > > > > > > > > > > >>>>> # If you have the `glibc-doc-reference' and > `info' > > > > > > packages > > > > > > > > > > installed, try: > > > > > > > > > > > >>>>> # `info libc "Name Service Switch"' for > > > > information about > > > > > > > > this > > > > > > > > > > file. > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> passwd: compat winbind > > > > > > > > > > > >>>>> group: compat winbind > > > > > > > > > > > >>>>> shadow: compat > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> hosts: files mdns4_minimal [NOTFOUND=return] > dns mdns4 > > > > > > > > > > > >>>>> networks: files > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> protocols: db files > > > > > > > > > > > >>>>> services: db files > > > > > > > > > > > >>>>> ethers: db files > > > > > > > > > > > >>>>> rpc: db files > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> netgroup: nis > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> My smb.conf > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> [global] > > > > > > > > > > > >>>>> workgroup = PROTEUS > > > > > > > > > > > >>>>> realm = proteus.local > > > > > > > > > > > >>>>> netbios name = HARDCORE > > > > > > > > > > > >>>>> server role = active directory domain controller > > > > > > > > > > > >>>>> dns forwarder = 200.40.220.245 > > > > > > > > > > > >>>>> allow dns updates = nonsecure and secure > > > > > > > > > > > >>>>> server services = rpc, nbt, wrepl, ldap, > cldap, kdc, > > > > > > drepl, > > > > > > > > > > winbind, ntp_signd, kcc, dnsupdate, dns, smb > > > > > > > > > > > >>>>> dcerpc endpoint servers = epmapper, wkssvc, > > > > rpcecho, samr, > > > > > > > > > > netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, > > > > browser, > > > > > > > > > > eventlog6, backupkey, dnsserver, winreg, srvsvc > > > > > > > > > > > >>>>> winbind enum users = yes > > > > > > > > > > > >>>>> winbind enum groups = yes > > > > > > > > > > > >>>>> winbind use default domain = yes > > > > > > > > > > > >>>>> winbind nested groups = yes > > > > > > > > > > > >>>>> log level = 3 > > > > > > > > > > > >>>>> log file = /var/log/samba/samba.log > > > > > > > > > > > >>>>> # unix charset = ISO8859-1 > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> I appreciate any help you can give me > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>>> Regards. > > > > > > > > > > > >>>>> > > > > > > > > > > > >>>> How did you install samba4, did you compile it > > > > yourself > > > > > > or was > > > > > > > > > > it from > > > > > > > > > > > >>>> packages and on what OS. > > > > > > > > > > > >>>> > > > > > > > > > > > >>>> If you did compile it yourself, there is a couple > > > > of links > > > > > > > > that > > > > > > > > > > will > > > > > > > > > > > >>>> need creating and your users & groups will > need to have > > > > > > > > > > uidNumbers & > > > > > > > > > > > >>>> gidNumbers. > > > > > > > > > > > >>>> > > > > > > > > > > > >>>> Rowland > > > > > > > > > > > >>>> -- > > > > > > > > > > > >>>> To unsubscribe from this list go to the following > > > > URL and > > > > > > > > read the > > > > > > > > > > > >>>> instructions: > > > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > >>> > > > > > > > > > > > >> OK, have you got a link (or a file) > > > > > > > > > > > >> /lib/x86_64-linux-gnu/libnss_winbind.so.2 ? > > > > > > > > > > > >> > > > > > > > > > > > >> What does 'pam-auth-update' show ? > > > > > > > > > > > >> > > > > > > > > > > > >> Rowland > > > > > > > > > > > >> > > > > > > > > > > > >> -- > > > > > > > > > > > >> To unsubscribe from this list go to the > following URL and > > > > > > > > read the > > > > > > > > > > > >> instructions: > > > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > OK, try removing this block from smb.conf on the DC: > > > > > > > > > > > > > > > > > > > > > > Winbind enum users = yes > > > > > > > > > > > Winbind enum groups = yes > > > > > > > > > > > Winbind use default domain = yes > > > > > > > > > > > Winbind nested groups = yes > > > > > > > > > > > > > > > > > > > > > > Add: > > > > > > > > > > > > > > > > > > > > > > idmap_ldb:use rfc2307 = yes > > > > > > > > > > > > > > > > > > > > > > Rowland > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > To unsubscribe from this list go to the following > URL and > > > > > > read the > > > > > > > > > > > instructions: > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > can you remember if you provisioned with '--use-rfc2307' ? > > > > > > > > > > > > > > > > > > If unsure, you can find out if the required schema > extension is > > > > > > > > > installed with: > > > > > > > > > > > > > > > > > > ldbsearch -H /usr/local/samba/private/sam.ldb -b > > > > > > 'dc=example,dc=com' -s > > > > > > > > > sub '(objectclass=msSFU30DomainInfo)' > > > > > > > > > > > > > > > > > > This relies on ldb-tools being installed normally, but > as you > > > > > > compiled > > > > > > > > > samba yourself it should be available > > > > > > > > > > > > > > > > > > Rowland > > > > > > > > > > > > > > > > > > -- > > > > > > > > > To unsubscribe from this list go to the following URL and > > > > read the > > > > > > > > > instructions: > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > have a look here: > > > > > > > > > > > > > > > > > > > > > > > > > https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Extending_the_Schema_for_NIS_Extensions > > > > > > > > > > > > > > Rowland > > > > > > > -- > > > > > > > To unsubscribe from this list go to the following URL and > read the > > > > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > > > > > OK, you need one further change after adding the > ypServ30.ldif, you > > > > > need to change this: > > > > > > > > > > server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > winbind, > > > > > ntp_signd, kcc, dnsupdate, dns, smb > > > > > > > > > > To this: > > > > > > > > > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > > > > > winbind, ntp_signd, kcc, dnsupdate, dns > > > > > > > > > > Rowland > > > > > > > > > > -- > > > > > To unsubscribe from this list go to the following URL and read the > > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > OK, you have extended the schema as per the webpage link I posted, you > > > are now using s3fs instead of ntvfs and have restarted samba, you > should > > > be able to get users with getent, did you have any version of samba > > > installed before installing samba4 ? if so you could have the wrong > > > libnss_winbind files in /lib > > > > > > As to your winbind question, If you are running any version of samba4 > > > that is less than 4.2, winbind is built into the 'samba' daemon. With > > > samba 4.2, the 'samba' daemon starts the 'winbindd' deamon instead. > > > > > > Rowland > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: https://lists.samba.org/mailman/options/samba > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/sambaOK, I get: /lib/x86_64-linux-gnu/libnss_winbind.so /lib/x86_64-linux-gnu/libnss_winbind.so.2 /usr/local/samba/lib/libnss_winbind.so /usr/local/samba/lib/libnss_winbind.so.2 /usr/src/samba-4.2.0/bin/default/nsswitch/libnss_winbind.so /usr/src/samba-4.2.0/bin/shared/libnss_winbind.so.2 This is on Debian 7.8 running 4.1.7 from backports *AND* I have also built 4.2.0 but this is not being used. So, backup these two files: /lib/x86_64-linux-gnu/libnss_winbind.so /lib/x86_64-linux-gnu/libnss_winbind.so.2 Rename them or move them out of the way, but do not delete them just in case they are the correct ones :-) Then copy /usr/local/samba/lib/libnss_winbind.so.2 to /lib/x86_64-linux-gnu cp /usr/local/samba/lib/libnss_winbind.so.2 /lib/x86_64-linux-gnu/ create a symbolic link ln -s /lib/x86_64-linux-gnu/libnss_winbind.so.2 /lib/x86_64-linux-gnu/libnss_winbind.so You will now have the correct winbind files for the samba4 you compiled yourself Rowland
Jhon P
2015-Mar-22 23:22 UTC
[Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
Done. Since I restarted samba service but not yet showing users. : - ( Maybe there is something else I have to do.> Date: Sun, 22 Mar 2015 22:24:49 +0000 > From: rowlandpenny at googlemail.com > To: samba at lists.samba.org > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes > > On 22/03/15 21:55, Jhon P wrote: > > The locate libnss_winbind.so display. > > > > /lib/libnss_winbind.so > > /lib/libnss_winbind.so.2 > > /lib/x86_64-linux-gnu/libnss_winbind.so > > /lib/x86_64-linux-gnu/libnss_winbind.so.2 > > /lib64/libnss_winbind.so > > /lib64/libnss_winbind.so2 > > /usr/lib/x86_64-linux-gnu/libnss_winbind.so > > /usr/lib/x86_64-linux-gnu/libnss_winbind.so.2 > > /usr/local/samba/lib/libnss_winbind.so > > /usr/local/samba/lib/libnss_winbind.so.2 > > /usr/src/samba4/bin/shared/libnss_winbind.so.2 > > > > > > > From: patocius at hotmail.com > > > To: rowlandpenny at googlemail.com; samba at lists.samba.org > > > Date: Sun, 22 Mar 2015 20:04:52 +0000 > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > > name on Primary ACDC but wbinfo -u yes > > > > > > Even "getent" does not show me the domain users. > > > > > > Yes, im rember, im install sernet version the first time, after im > > uninstall it. > > > As we know? if the version of winbind is correct and if the samba > > daemon running. > > > > > > > > > Regards > > > > > > > Date: Sat, 21 Mar 2015 18:36:13 +0000 > > > > From: rowlandpenny at googlemail.com > > > > To: samba at lists.samba.org > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > > name on Primary ACDC but wbinfo -u yes > > > > > > > > On 21/03/15 18:08, Jhon P wrote: > > > > > Ready changed what you asked me and restart the samba service. > > > > > Yet I only see the UID instead of domain users. :-/ > > > > > > > > > > One question. > > > > > > > > > > I do not see the service "winbind or winbindd" running, is this > > correct. > > > > > I can not find it in init.d > > > > > > > > > > Also "wbinfo -u" Show me the domain users. > > > > > > > > > > Thanks for helpme, sorry for noob question. > > > > > > > > > > > Date: Sat, 21 Mar 2015 09:00:37 +0000 > > > > > > From: rowlandpenny at googlemail.com > > > > > > To: samba at lists.samba.org > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > On 21/03/15 00:10, Jhon P wrote: > > > > > > > Now I realized what the documentation says, sucessfull. > > > > > > > > > > > > > > I returned to run the above command and these results changed. > > > > > > > > > > > > > > Change the settings of smb.conf, now looks: > > > > > > > > > > > > > > [global] > > > > > > > workgroup = KENNEDY > > > > > > > realm = kennedy.edu > > > > > > > netbios name = PROTEUS > > > > > > > server role = active directory domain controller > > > > > > > dns forwarder = 200.40.220.245 > > > > > > > allow dns updates = nonsecure and secure > > > > > > > server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > > > > > > > winbind, ntp_signd, kcc, dnsupdate, dns, smb > > > > > > > dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, > > > > > > > netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, > > > > > > > eventlog6, backupkey, dnsserver, winreg, srvsvc > > > > > > > > > > > > > > idmap_ldb:use rfc2307 = yes > > > > > > > #winbind use default domain = yes > > > > > > > #winbind enum users = yes > > > > > > > #winbind enum groups = yes > > > > > > > #winbind nested groups = yes > > > > > > > log level = 3 > > > > > > > log file = /var/log/samba/samba.log > > > > > > > # unix charset = ISO8859-1 > > > > > > > > > > > > > > #[netlogon antes] > > > > > > > #path = /usr/local/samba/var/locks/sysvol/kennedy.edu/scripts > > > > > > > #read only = No > > > > > > > > > > > > > > > > > > > > > Start of service. > > > > > > > > > > > > > > But I did not change anything is still showing me the UID > > instead of > > > > > > > domain name, :-/ . > > > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 21:46:58 +0000 > > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > > To: samba at lists.samba.org > > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > domain user > > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > > > On 20/03/15 21:19, Jhon P wrote: > > > > > > > > > Im think not provisioned with provisioned with > > '--use-rfc2307' > > > > > > > > > > > > > > > > > > root at proteus:~# ldbsearch -H > > /usr/local/samba/private/sam.ldb -b > > > > > > > > > 'dc=kennedy,dc=edu' -s sub '(objectclass=msSFU30DomainInfo)' > > > > > > > > > GENSEC backend 'gssapi_spnego' registered > > > > > > > > > GENSEC backend 'gssapi_krb5' registered > > > > > > > > > GENSEC backend 'gssapi_krb5_sasl' registered > > > > > > > > > GENSEC backend 'schannel' registered > > > > > > > > > GENSEC backend 'spnego' registered > > > > > > > > > GENSEC backend 'ntlmssp' registered > > > > > > > > > GENSEC backend 'krb5' registered > > > > > > > > > GENSEC backend 'fake_gssapi_krb5' registered > > > > > > > > > # Referral > > > > > > > > > ref: ldap://kennedy.edu/CN=Configuration,DC=kennedy,DC=edu > > > > > > > > > > > > > > > > > > # Referral > > > > > > > > > ref: ldap://kennedy.edu/DC=DomainDnsZones,DC=kennedy,DC=edu > > > > > > > > > > > > > > > > > > # Referral > > > > > > > > > ref: ldap://kennedy.edu/DC=ForestDnsZones,DC=kennedy,DC=edu > > > > > > > > > > > > > > > > > > # returned 3 records > > > > > > > > > # 0 entries > > > > > > > > > # 3 referrals > > > > > > > > > > > > > > > > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 20:55:24 +0000 > > > > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > > > > To: samba at lists.samba.org > > > > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > > > > domain user > > > > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > > > > > > > On 20/03/15 20:39, Jhon P wrote: > > > > > > > > > > > OK, i try removing this block, and add the line. > > > > > > > > > > > Restart samba but nothing happends. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Date: Fri, 20 Mar 2015 20:01:04 +0000 > > > > > > > > > > > > From: rowlandpenny at googlemail.com > > > > > > > > > > > > To: samba at lists.samba.org > > > > > > > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display > > > > > > > domain user > > > > > > > > > > > name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > > > > > > > > > > > > > On 20/03/15 19:47, Jhon P wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Yes im have a file: > > > > > > > > > > > > > > > > > > > > > > > > > > -rw-r--r-- 1 root root 19K Jan 10 2014 > > libnss_winbind.so.2 > > > > > > > > > > > > > > > > > > > > > > > > > > My pam: > > > > > > > > > > > > > PAM profiles to enable: > > > > > > > > > > > > > ? [*] Unix authentication > > > > > > > > > > > > > ? [*] Winbind NT/Active Directory authentication > > > > > > > > > > > > > ? [ ] ConsoleKit Session Management > > > > > > > > > > > > > ? [ ] Inheritable Capabilities Management > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Date: Fri, 20 Mar 2015 18:21:57 +0000 > > > > > > > > > > > > >> From: rowlandpenny at googlemail.com > > > > > > > > > > > > >> To: samba at lists.samba.org > > > > > > > > > > > > >> Subject: Re: [Samba] Samba 4.1 gentent, ls, no > > > > > display domain > > > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > >> > > > > > > > > > > > > >> On 20/03/15 17:32, Jhon P wrote: > > > > > > > > > > > > >>> I install samba 4.1 from > > > > > > > > > > > > >>> the sources. In Debian 7.0 "wheezy" > > > > > > > > > > > > >>> a year ago. > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> Thanks for responding. > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> From: patocius at hotmail.com > > > > > > > > > > > > >>> To: rowlandpenny at googlemail.com > > > > > > > > > > > > >>> Subject: RE: [Samba] Samba 4.1 gentent, ls, no > > display > > > > > > > domain > > > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > >>> Date: Fri, 20 Mar 2015 17:28:05 +0000 > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> I install samba 4.1 from the sources. In > > Debian 7.0 > > > > > > > "wheezy" a > > > > > > > > > > > year ago. > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> Thanks for responding. > > > > > > > > > > > > >>> > > > > > > > > > > > > >>> Patocius > > > > > > > > > > > > >>> > > > > > > > > > > > > >>>> Date: Fri, 20 Mar 2015 17:15:50 +0000 > > > > > > > > > > > > >>>> From: rowlandpenny at googlemail.com > > > > > > > > > > > > >>>> To: samba at lists.samba.org > > > > > > > > > > > > >>>> Subject: Re: [Samba] Samba 4.1 gentent, ls, > > no display > > > > > > > domain > > > > > > > > > > > user name on Primary ACDC but wbinfo -u yes > > > > > > > > > > > > >>>> > > > > > > > > > > > > >>>> On 20/03/15 16:58, Jhon P wrote: > > > > > > > > > > > > >>>>> Hello friends: > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> I hope you can help me with this I'm > > struggling a > > > > > year ago > > > > > > > > > > > > >>>>> After breaking my head migrating a server with > > > > > Samba Samba > > > > > > > > > 2.1 > > > > > > > > > > > to 4.1 all stay perfect and functional. > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> All files are in this domain controller for > > now, and > > > > > > > then be > > > > > > > > > > > moved to a domain member, "the file server". > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> I configure the server as ADDC Samba 4.1 and > > up here > > > > > > > all went > > > > > > > > > > > well, the shares, the users, winbind, NetLogons, > > machines, > > > > > etc.But > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> When I have to use the "ls" on the terminal > > > > > display UID > > > > > > > > > > > command instead of domain user name. > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> -rwxrwx --- 1 root users 100K February 28, 2012 > > > > > > > protocolo.pdf > > > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 21K June 27, 2013 > > > > > proyecto.doc > > > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 21K June 21, 2013 > > Project > > > > > 3?.doc > > > > > > > > > > > > >>>>> drwxrwxr-x 2 3000085 4.0K users Mar 17 12:59 > > > > > PROYECTO.txt > > > > > > > > > > > > >>>>> -rwxrwxr-- 1 3000085 28K users Mar 12 12:11 > > > > > segundo.doc > > > > > > > > > Project > > > > > > > > > > > > >>>>> --- 1 root users -rwxrwx 96K July 22, 2013 > > > > > > > recomendaciones.cls > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> If I run the "gentent" command only shows me > > posix > > > > > users. > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> Example: > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> daemon: x: 1: 1: daemon: / usr / sbin: / bin > > / sh > > > > > > > > > > > > >>>>> bin: x: 2: 2: bin: / bin: / bin / sh > > > > > > > > > > > > >>>>> sys: x: 3: 3: sys: / dev: / bin / sh > > > > > > > > > > > > >>>>> sync: x: 4: 65534: sync: / bin: / bin / sync > > > > > > > > > > > > >>>>> ... > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> But if I do, "wbinfo -u" > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> cupcakes > > > > > > > > > > > > >>>>> claudiap > > > > > > > > > > > > >>>>> johanao > > > > > > > > > > > > >>>>> agustinap > > > > > > > > > > > > >>>>> gabrielaa > > > > > > > > > > > > >>>>> .... > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> My nsswitch.conf > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> # /etc/nsswitch.conf > > > > > > > > > > > > >>>>> # > > > > > > > > > > > > >>>>> # Example configuration of GNU Name Service > > Switch > > > > > > > > > functionality. > > > > > > > > > > > > >>>>> # If you have the `glibc-doc-reference' and > > `info' > > > > > > > packages > > > > > > > > > > > installed, try: > > > > > > > > > > > > >>>>> # `info libc "Name Service Switch"' for > > > > > information about > > > > > > > > > this > > > > > > > > > > > file. > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> passwd: compat winbind > > > > > > > > > > > > >>>>> group: compat winbind > > > > > > > > > > > > >>>>> shadow: compat > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> hosts: files mdns4_minimal [NOTFOUND=return] > > dns mdns4 > > > > > > > > > > > > >>>>> networks: files > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> protocols: db files > > > > > > > > > > > > >>>>> services: db files > > > > > > > > > > > > >>>>> ethers: db files > > > > > > > > > > > > >>>>> rpc: db files > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> netgroup: nis > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> My smb.conf > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> [global] > > > > > > > > > > > > >>>>> workgroup = PROTEUS > > > > > > > > > > > > >>>>> realm = proteus.local > > > > > > > > > > > > >>>>> netbios name = HARDCORE > > > > > > > > > > > > >>>>> server role = active directory domain controller > > > > > > > > > > > > >>>>> dns forwarder = 200.40.220.245 > > > > > > > > > > > > >>>>> allow dns updates = nonsecure and secure > > > > > > > > > > > > >>>>> server services = rpc, nbt, wrepl, ldap, > > cldap, kdc, > > > > > > > drepl, > > > > > > > > > > > winbind, ntp_signd, kcc, dnsupdate, dns, smb > > > > > > > > > > > > >>>>> dcerpc endpoint servers = epmapper, wkssvc, > > > > > rpcecho, samr, > > > > > > > > > > > netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, > > > > > browser, > > > > > > > > > > > eventlog6, backupkey, dnsserver, winreg, srvsvc > > > > > > > > > > > > >>>>> winbind enum users = yes > > > > > > > > > > > > >>>>> winbind enum groups = yes > > > > > > > > > > > > >>>>> winbind use default domain = yes > > > > > > > > > > > > >>>>> winbind nested groups = yes > > > > > > > > > > > > >>>>> log level = 3 > > > > > > > > > > > > >>>>> log file = /var/log/samba/samba.log > > > > > > > > > > > > >>>>> # unix charset = ISO8859-1 > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> I appreciate any help you can give me > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>>> Regards. > > > > > > > > > > > > >>>>> > > > > > > > > > > > > >>>> How did you install samba4, did you compile it > > > > > yourself > > > > > > > or was > > > > > > > > > > > it from > > > > > > > > > > > > >>>> packages and on what OS. > > > > > > > > > > > > >>>> > > > > > > > > > > > > >>>> If you did compile it yourself, there is a couple > > > > > of links > > > > > > > > > that > > > > > > > > > > > will > > > > > > > > > > > > >>>> need creating and your users & groups will > > need to have > > > > > > > > > > > uidNumbers & > > > > > > > > > > > > >>>> gidNumbers. > > > > > > > > > > > > >>>> > > > > > > > > > > > > >>>> Rowland > > > > > > > > > > > > >>>> -- > > > > > > > > > > > > >>>> To unsubscribe from this list go to the following > > > > > URL and > > > > > > > > > read the > > > > > > > > > > > > >>>> instructions: > > > > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > >>> > > > > > > > > > > > > >> OK, have you got a link (or a file) > > > > > > > > > > > > >> /lib/x86_64-linux-gnu/libnss_winbind.so.2 ? > > > > > > > > > > > > >> > > > > > > > > > > > > >> What does 'pam-auth-update' show ? > > > > > > > > > > > > >> > > > > > > > > > > > > >> Rowland > > > > > > > > > > > > >> > > > > > > > > > > > > >> -- > > > > > > > > > > > > >> To unsubscribe from this list go to the > > following URL and > > > > > > > > > read the > > > > > > > > > > > > >> instructions: > > > > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > OK, try removing this block from smb.conf on the DC: > > > > > > > > > > > > > > > > > > > > > > > > Winbind enum users = yes > > > > > > > > > > > > Winbind enum groups = yes > > > > > > > > > > > > Winbind use default domain = yes > > > > > > > > > > > > Winbind nested groups = yes > > > > > > > > > > > > > > > > > > > > > > > > Add: > > > > > > > > > > > > > > > > > > > > > > > > idmap_ldb:use rfc2307 = yes > > > > > > > > > > > > > > > > > > > > > > > > Rowland > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > To unsubscribe from this list go to the following > > URL and > > > > > > > read the > > > > > > > > > > > > instructions: > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > can you remember if you provisioned with '--use-rfc2307' ? > > > > > > > > > > > > > > > > > > > > If unsure, you can find out if the required schema > > extension is > > > > > > > > > > installed with: > > > > > > > > > > > > > > > > > > > > ldbsearch -H /usr/local/samba/private/sam.ldb -b > > > > > > > 'dc=example,dc=com' -s > > > > > > > > > > sub '(objectclass=msSFU30DomainInfo)' > > > > > > > > > > > > > > > > > > > > This relies on ldb-tools being installed normally, but > > as you > > > > > > > compiled > > > > > > > > > > samba yourself it should be available > > > > > > > > > > > > > > > > > > > > Rowland > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > To unsubscribe from this list go to the following URL and > > > > > read the > > > > > > > > > > instructions: > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > have a look here: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Extending_the_Schema_for_NIS_Extensions > > > > > > > > > > > > > > > > Rowland > > > > > > > > -- > > > > > > > > To unsubscribe from this list go to the following URL and > > read the > > > > > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > OK, you need one further change after adding the > > ypServ30.ldif, you > > > > > > need to change this: > > > > > > > > > > > > server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > > winbind, > > > > > > ntp_signd, kcc, dnsupdate, dns, smb > > > > > > > > > > > > To this: > > > > > > > > > > > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, > > > > > > winbind, ntp_signd, kcc, dnsupdate, dns > > > > > > > > > > > > Rowland > > > > > > > > > > > > -- > > > > > > To unsubscribe from this list go to the following URL and read the > > > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > > > OK, you have extended the schema as per the webpage link I posted, you > > > > are now using s3fs instead of ntvfs and have restarted samba, you > > should > > > > be able to get users with getent, did you have any version of samba > > > > installed before installing samba4 ? if so you could have the wrong > > > > libnss_winbind files in /lib > > > > > > > > As to your winbind question, If you are running any version of samba4 > > > > that is less than 4.2, winbind is built into the 'samba' daemon. With > > > > samba 4.2, the 'samba' daemon starts the 'winbindd' deamon instead. > > > > > > > > Rowland > > > > > > > > -- > > > > To unsubscribe from this list go to the following URL and read the > > > > instructions: https://lists.samba.org/mailman/options/samba > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: https://lists.samba.org/mailman/options/samba > > OK, I get: > > /lib/x86_64-linux-gnu/libnss_winbind.so > /lib/x86_64-linux-gnu/libnss_winbind.so.2 > /usr/local/samba/lib/libnss_winbind.so > /usr/local/samba/lib/libnss_winbind.so.2 > /usr/src/samba-4.2.0/bin/default/nsswitch/libnss_winbind.so > /usr/src/samba-4.2.0/bin/shared/libnss_winbind.so.2 > > This is on Debian 7.8 running 4.1.7 from backports *AND* I have also > built 4.2.0 but this is not being used. > > So, backup these two files: > > /lib/x86_64-linux-gnu/libnss_winbind.so > /lib/x86_64-linux-gnu/libnss_winbind.so.2 > > Rename them or move them out of the way, but do not delete them just in > case they are the correct ones :-) > > Then copy /usr/local/samba/lib/libnss_winbind.so.2 to /lib/x86_64-linux-gnu > > cp /usr/local/samba/lib/libnss_winbind.so.2 /lib/x86_64-linux-gnu/ > > create a symbolic link > > ln -s /lib/x86_64-linux-gnu/libnss_winbind.so.2 > /lib/x86_64-linux-gnu/libnss_winbind.so > > You will now have the correct winbind files for the samba4 you compiled > yourself > > Rowland > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Possibly Parallel Threads
- Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
- Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
- Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
- Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
- Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes