removed sssd. removed all sss occurrences and winbind from the shadow line. Selinux is disabled. firewalld is disabled. not sure if there is a difference but I have smb and winbind, I do not have nmbd or smbd. /etc/resolv.conf search mydomain.com nameserver "ipaddress for DC1" nameserver "ipaddress for DC2" Still no such user after restarting the services and executing net cache flush. On Thu, Mar 14, 2019 at 1:25 PM Rowland Penny via samba < samba at lists.samba.org> wrote:> On Thu, 14 Mar 2019 13:08:13 -0400 > Tyrus Shivers <tyrus.shivers at bestgateeng.com> wrote: > > > yes windbind is installed and running > > Good > > > yes sssd is installed, but it was not running. I did start it and ran > > Bad, good and then bad again ;-) > > I would remove sssd, it isn't required if you are using winbind > > > net cache flush and id again and still no such user. > > > > This is the working nsswitch.conf file that was copied over from the > > 7.3 working system. > > > > /etc/nsswitch.conf > > > > passwd: files sss winbind > > shadow: files sss winbind > > group: files sss winbind > > #initgroups : files sss > > > > hosts: files dns myhostname > > > > bootparams: nisplus [NOTFOUND=return] files > > > > ethers: files > > netmasks: files > > networks: files > > protocols: files > > rpc: files > > services: files sss > > > > netgroup: files sss > > publickey: nisplus > > > > automount: files > > aliases: files nisplus > > > > I would remove all the 'sss' occurrences and 'winbind from the shadow > line. > > Is Selinux blocking access ? > Is a firewall running and blocking ports ? > > The 'rid' backend is usually the easiest to use, you just add the > required lines to smb.conf, restart smbd, nmbd & winbind and it usually > just works. > > Just a thought, is the computer using a DC as its first nameserver > in /etc/resolv.conf ? > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- V/R Tyrus Shivers Bestgate Engineering LLC Direct: (410) 872-2457 tyrus.shivers at bestgateeng.com <tyrus.shivers at bestgateeng.com> This e-mail transmission and any documents, files or previous e-mail messages attached to it, may be privileged and confidential and is intended only for the use of the intended recipient of this message. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any review, disclosure, retention, copying, dissemination, distribution or use of any of the information contained in, or attached to this e-mail transmission is strictly prohibited. If you have received this transmission in error, please immediately notify the sender by return e-mail or by telephone at the above number and delete this e-mail message and its attachments.
On Thu, 14 Mar 2019 13:39:31 -0400 Tyrus Shivers <tyrus.shivers at bestgateeng.com> wrote:> removed sssd. > removed all sss occurrences and winbind from the shadow line. > Selinux is disabled. > firewalld is disabled. > > not sure if there is a difference but I have smb and winbind, I do > not have nmbd or smbd. > > /etc/resolv.conf > > search mydomain.com > nameserver "ipaddress for DC1" > nameserver "ipaddress for DC2" > > Still no such user after restarting the services and executing net > cache flush. >This is very strange, it normally just works, it is usually the 'ad' backend that gives trouble. When you posted your smb.conf, you didn't head it with '[global]', I take it that is there. Have you tried running 'testparm' just in case there is a typo or something. Have you tried leaving and rejoining the domain. Does 'wbinfo -u | grep username' produce output ? Rowland
Yes global is there. testparm output shows everything is ok, no error. ROLE_DOMAIN_Member Then I can press enter and see a dump. yes, wbinfo produces output of mydomain\user I left the domain, rejoined, and still no such user. wbinfo outputs users and groups on command. On Thu, Mar 14, 2019 at 1:59 PM Rowland Penny via samba < samba at lists.samba.org> wrote:> On Thu, 14 Mar 2019 13:39:31 -0400 > Tyrus Shivers <tyrus.shivers at bestgateeng.com> wrote: > > > removed sssd. > > removed all sss occurrences and winbind from the shadow line. > > Selinux is disabled. > > firewalld is disabled. > > > > not sure if there is a difference but I have smb and winbind, I do > > not have nmbd or smbd. > > > > /etc/resolv.conf > > > > search mydomain.com > > nameserver "ipaddress for DC1" > > nameserver "ipaddress for DC2" > > > > Still no such user after restarting the services and executing net > > cache flush. > > > > This is very strange, it normally just works, it is usually the 'ad' > backend that gives trouble. > > When you posted your smb.conf, you didn't head it with '[global]', I > take it that is there. > > Have you tried running 'testparm' just in case there is a typo or > something. > > Have you tried leaving and rejoining the domain. > > Does 'wbinfo -u | grep username' produce output ? > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- V/R Tyrus Shivers Bestgate Engineering LLC Direct: (410) 872-2457 tyrus.shivers at bestgateeng.com <tyrus.shivers at bestgateeng.com> This e-mail transmission and any documents, files or previous e-mail messages attached to it, may be privileged and confidential and is intended only for the use of the intended recipient of this message. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any review, disclosure, retention, copying, dissemination, distribution or use of any of the information contained in, or attached to this e-mail transmission is strictly prohibited. If you have received this transmission in error, please immediately notify the sender by return e-mail or by telephone at the above number and delete this e-mail message and its attachments.
I am having similar issues going form 4.7.12 to 4.8.9 Previous smb.conf on a member server just no longer IDs users. wbinfo -u and wbinfo -g return proper information; however, id does not. The error appears to be in mapping SIDs. # wbinfo -n user <sid> # wbinfo -S <sid> ailed to call wbcSidToUid: WBC_ERR_DOMAIN_NOT_FOUND Could not convert sid <sid> to uid Notably, I do use the 'ad' backend. Tyrus -- does "wbinfo -S <sid>" work for you? ----- On Mar 14, 2019, at 12:58 PM, samba samba at lists.samba.org wrote:> On Thu, 14 Mar 2019 13:39:31 -0400 > Tyrus Shivers <tyrus.shivers at bestgateeng.com> wrote: > >> removed sssd. >> removed all sss occurrences and winbind from the shadow line. >> Selinux is disabled. >> firewalld is disabled. >> >> not sure if there is a difference but I have smb and winbind, I do >> not have nmbd or smbd. >> >> /etc/resolv.conf >> >> search mydomain.com >> nameserver "ipaddress for DC1" >> nameserver "ipaddress for DC2" >> >> Still no such user after restarting the services and executing net >> cache flush. >> > > This is very strange, it normally just works, it is usually the 'ad' > backend that gives trouble. > > When you posted your smb.conf, you didn't head it with '[global]', I > take it that is there. > > Have you tried running 'testparm' just in case there is a typo or > something. > > Have you tried leaving and rejoining the domain. > > Does 'wbinfo -u | grep username' produce output ? > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba