I've a little problem starting winbindd. using It on a redhat 9 linux, compiled from source. I've configured nsswitch.conf with winbind and kerberos. Naturally joined my ADS realm with the following command: net ads join -U administrator successfully. now the problem is that smbd and nmbd work correclty but I can't start winbindd due the following error and I can't manage why, from the log.winbindd: [2003/10/15 10:54:24, 2] lib/interface.c:add_interface(79) added interface ip=192.168.5.13 bcast=192.168.5.255 nmask=255.255.254.0 [2003/10/15 10:54:24, 5] lib/util.c:init_names(270) Netbios name list:- my_netbios_names[0]="NORAD" [2003/10/15 10:54:24, 2] lib/interface.c:add_interface(79) added interface ip=192.168.5.13 bcast=192.168.5.255 nmask=255.255.254.0 [2003/10/15 10:54:24, 5] lib/gencache.c:gencache_init(59) Opening cache file at /usr/samba/var/locks/gencache.tdb [2003/10/15 10:54:24, 5] libsmb/namecache.c:namecache_enable(58) namecache_enable: enabling netbios namecache, timeout 660 seconds [2003/10/15 10:54:24, 0] nsswitch/winbindd_util.c:winbindd_param_init(445) winbindd: idmap uid range missing or invalid [2003/10/15 10:54:24, 0] nsswitch/winbindd_util.c:winbindd_param_init(446) winbindd: cannot continue, exiting. Naturally my smb.conf is: [global] encrypt passwords = Yes workgroup = MYREALM.IT server string = norad security = ads log file = /var/log/samba/log.%m max log size = 50 password server = MASTER BDC realm = MYREALM.IT passdb backend = tdbsam socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no wins server = 192.168.5.1 192.168.0.1 wins proxy = yes dns proxy = yes [public] comment = nora-d ? chi e` nora-d ? writeable = yes public = yes browseable = yes path = /home/samba read only = No create mask = 0777 directory mask = 0777 guest ok = No ;*********** winbindd ********** winbind separator = \ winbind cache time = 10 template homedir = /home/%D/%U template shell = /bin/bash winbind uid = 10000-20000 winbind gid = 10000-20000 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes It is quite stupid ok ? when I start winbindd with the following option I receive: winbindd version 3.0.0 started. Copyright The Samba Team 2000-2003 lp_load: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/usr/samba/lib/smb.conf" Processing section "[global]" doing parameter encrypt passwords = Yes doing parameter workgroup = MYREALM.IT doing parameter server string = norad doing parameter security = ads doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter password server = MASTER BDC doing parameter realm = MYREALM.IT doing parameter passdb backend = tdbsam doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter wins server = 192.168.5.1 192.168.0.1 doing parameter wins proxy = yes doing parameter dns proxy = yes Processing section "[public]" doing parameter comment = nora-d ? chi e` nora-d ? doing parameter writeable = yes doing parameter public = yes doing parameter browseable = yes doing parameter path = /home/samba doing parameter read only = No doing parameter create mask = 0777 doing parameter directory mask = 0777 doing parameter guest ok = No doing parameter winbind separator = + Global parameter winbind separator found in service section! doing parameter winbind cache time = 10 Global parameter winbind cache time found in service section! doing parameter template homedir = /home/%D/%U Global parameter template homedir found in service section! doing parameter template shell = /bin/bash Global parameter template shell found in service section! doing parameter winbind uid = 10000-20000 Global parameter winbind uid found in service section! doing parameter winbind gid = 10000-20000 Global parameter winbind gid found in service section! doing parameter winbind enum users = yes Global parameter winbind enum users found in service section! doing parameter winbind enum groups = yes Global parameter winbind enum groups found in service section! doing parameter winbind use default domain = yes Global parameter winbind use default domain found in service section! pm_process() returned Yes lp_servicenumber: couldn't find homes adding IPC service adding IPC service set_server_role: role = ROLE_DOMAIN_MEMBER Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE added interface ip=192.168.5.13 bcast=192.168.5.255 nmask=255.255.254.0 Netbios name list:- my_netbios_names[0]="NORAD" added interface ip=192.168.5.13 bcast=192.168.5.255 nmask=255.255.254.0 Opening cache file at /usr/samba/var/locks/gencache.tdb namecache_enable: enabling netbios namecache, timeout 660 seconds winbindd: idmap uid range missing or invalid winbindd: cannot continue, exiting. how to solve this problem ? Thank in advance. Best Regards, Federico
kend@xanoptix.com
2003-Oct-15 16:20 UTC
[Samba] Samba 3.x client -> Samba 2.2.x server authentication?
Hey, all. I've upgraded my workstation (Debian) to the Debian Samba 3.x install. I decided to start from scratch with my smb.conf, because I didn't know enough to be wary of what parameters were deleted, etc. So I put password server = sambapdc into my smb.conf, and figured it would "Just Work." No dice. A glance at the log file shows" [2003/10/15 12:11:08, 1] sam/idmap_tdb.c:db_idmap_init(331) idmap gid range missing or invalid idmap will be unable to map foreign SIDs Some Googling showed this to be some sort of issue with the "passdb backend" (which Debian set to "smbpasswd guest"), so I commented it out, thinking it might be conflicting with the "password server" directive. Nothing doing. Any hints? Thanks, Ken D'Ambrosio Sr. SysAdmin, Xanoptix, Inc. P.S. I have to assume that this has already been mentioned, but the smb.conf manpage -- at least in the Debian version that I have -- has almost none of the directives listed; an obvious editing boo-boo...
John H Terpstra
2003-Oct-17 19:09 UTC
[Samba] Samba 3.x client -> Samba 2.2.x server authentication?
Ken, In case you have not received a reply: Add to your smb.conf [globals] idmap uid = 15000-20000 idmap gid = 15000-20000 That should solve your problem. - John T. On Wed, 15 Oct 2003 kend@xanoptix.com wrote:> Hey, all. I've upgraded my workstation (Debian) to the Debian Samba 3.x > install. I decided to start from scratch with my smb.conf, because I didn't > know enough to be wary of what parameters were deleted, etc. So I put > password server = sambapdc > into my smb.conf, and figured it would "Just Work." No dice. A glance at > the log file shows" > > [2003/10/15 12:11:08, 1] sam/idmap_tdb.c:db_idmap_init(331) > idmap gid range missing or invalid > idmap will be unable to map foreign SIDs > > Some Googling showed this to be some sort of issue with the "passdb backend" > (which Debian set to "smbpasswd guest"), so I commented it out, thinking it > might be conflicting with the "password server" directive. Nothing doing. > Any hints? > > Thanks, > > Ken D'Ambrosio > Sr. SysAdmin, > Xanoptix, Inc. > > P.S. I have to assume that this has already been mentioned, but the smb.conf > manpage -- at least in the Debian version that I have -- has almost none of > the directives listed; an obvious editing boo-boo... > > >-- John H Terpstra Email: jht@samba.org