Andrey Repin
2015-Apr-02  23:49 UTC
[Samba] Member server - winbind unable to resolve users/groups
Greetings, All! I'm trying to get the former PDC back into domain after performing a classic migration. AD DC is running fine... if you can call it that. I've edited the smb.conf and nsswitch.conf as suggested in Wiki article, and rejoined the domain. Went fine apart from failed DNS update with local zone. # net ads testjoin Join is OK But there's no data in getent, and domain users are unable to authenticate on the server. So, where do I start looking? -- With best regards, Andrey Repin Friday, April 3, 2015 02:29:58 Sorry for my terrible english...
Andrey Repin
2015-Apr-03  01:52 UTC
[Samba] Member server - winbind unable to resolve users/groups
Greetings, All!> I'm trying to get the former PDC back into domain after performing a classic > migration. > AD DC is running fine... if you can call it that. > I've edited the smb.conf and nsswitch.conf as suggested in Wiki article, and > rejoined the domain. Went fine apart from failed DNS update with local zone.> # net ads testjoin > Join is OK> But there's no data in getent, and domain users are unable to authenticate on > the server.> So, where do I start looking?Err, totally forgot. Samba 4.1.11, libpam-winbind+libnss-winbind smb.conf from https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server#Set_up_a_basic_smb.conf -- With best regards, Andrey Repin Friday, April 3, 2015 04:51:31 Sorry for my terrible english...
Ashish Yadav
2015-Apr-03  07:08 UTC
[Samba] Member server - winbind unable to resolve users/groups
Hi, On Fri, Apr 3, 2015 at 7:22 AM, Andrey Repin <anrdaemon at yandex.ru> wrote:> Greetings, All! > > > I'm trying to get the former PDC back into domain after performing a > classic > > migration. > > AD DC is running fine... if you can call it that. > > I've edited the smb.conf and nsswitch.conf as suggested in Wiki article, > and > > rejoined the domain. Went fine apart from failed DNS update with local > zone. > > > # net ads testjoin > > Join is OK > > > But there's no data in getent, and domain users are unable to > authenticate on > > the server. > > > So, where do I start looking? >Please check your /etc/nsswitch.conf file, it should look contains this, passwd: compat winbind group: compat winbind For more information, please go through Samba Wiki first, https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server --Regards Ashishkumar S. Yadav