andreasbeyeler@bluemail.ch
2004-Apr-27 12:26 UTC
[Samba] getent shows only local information
Hello
I have installed Redhat Linux 9 and Samba 3.0.2a from the Source.
I have two Win2003 server for the domain "sambadomain.local":
PDC: rootserver
10.10.1.1 Subnet 255.255.0.0
DNS-Master: dnsserver
10.10.1.2 Subnet 255.255.0.0
Runs also dhcp and wins
I made the references to these two Servers (DNS, DHCP) in my Linux-Server.
Linux-Server: samba
10.10.1.4 Subnet 255.255.0.0
Here is my smb.conf File which is located in /usr/local/samba/lib:
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2004/04/21 10:03:48
# Global parameters
[global]
workgroup = SAMBADOMAIN
realm = SAMBADOMAIN.LOCAL
security = ADS
password server = ROOTSERVER.SAMBADOMAIN.LOCAL
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
I created the computer account with the following command:
net ads join -U Administrator
Then I gave the pw. I could see the new account in the active directory.
I did a test with kinit:
[root@samba bin]# /usr/java/j2re1.4.2_03/bin/kinit
Administrator@SAMBADOMAIN.LOCAL
Password for Administrator@SAMBADOMAIN.LOCAL:Password
New ticket is stored in cache file /tmp/krb5cc_0
[root@samba bin]#
My etc/krb5.conf File
[libdefaults]
default_realm = SAMBADOMAIN.LOCAL
[realms]
SAMBADOMAIN.LOCAL = {
kdc = rootserver.sambadomain.local
}
[domain_realm]
.sambadomain.local = SAMBADOMAIN.LOCAL
There was already a file named "libnss_winbind.so.2" and a link
"libnss_winbind.so"
which target is "libnss_winbind.so.2" I did nothing with these files.
I edited /etc/nsswitch.conf:
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries
you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files winbind
shadow: files
group: files winbind
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files
publickey: nisplus
automount: files
aliases: files nisplus
Then I run /usr/local/samba/bin/net rpc join -S ROOTSERVER -U Administrator
and gave my password:
[root@samba bin]# /usr/local/samba/bin/net rpc join -S ROOTSERVER -U
Administrator
Password:
Joined domain SAMBADOMAIN.
[root@samba bin]#
I startet smbd nmbd and winbindd and they are running:
[root@samba bin]# ps -ae|grep winbindd
2177 ? 00:00:00 winbindd
2178 ? 00:00:00 winbindd
[root@samba bin]# ps -ae|grep smbd
2180 ? 00:00:00 smbd
[root@samba bin]# ps -ae|grep nmbd
2179 ? 00:00:00 nmbd
[root@samba bin]#
I did not found any nscd running.
Now I executed the following commands and they succeded:
[root@samba bin]# /usr/local/samba/bin/wbinfo -u
SAMBADOMAIN+Administrator
SAMBADOMAIN+Gast
SAMBADOMAIN+SUPPORT_388945a0
SAMBADOMAIN+ROOTSERVER$
SAMBADOMAIN+krbtgt
SAMBADOMAIN+DNSSERVER$
SAMBADOMAIN+CLIENT-XP$
SAMBADOMAIN+SUSSERVER$
SAMBADOMAIN+win-xp
SAMBADOMAIN+CLIENT-XP2$
SAMBADOMAIN+HOST/samba
[root@samba bin]# /usr/local/samba/bin/wbinfo -g
SAMBADOMAIN+Dom?nencomputer
SAMBADOMAIN+Dom?nencontroller
SAMBADOMAIN+Schema-Admins
SAMBADOMAIN+Organisations-Admins
SAMBADOMAIN+Dom?nen-Admins
SAMBADOMAIN+Dom?nen-Benutzer
SAMBADOMAIN+Dom?nen-G?ste
SAMBADOMAIN+Richtlinien-Ersteller-Besitzer
SAMBADOMAIN+DnsUpdateProxy
SAMBADOMAIN+sambadomainuser
[root@samba bin]#
But when I run...
[root@samba bin]# /usr/bin/getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/bin/bash
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
[root@samba bin]# /usr/bin/getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
rpm:x:37:
floppy:x:19:
vcsa:x:69:
utmp:x:22:
nscd:x:28:
slocate:x:21:
sshd:x:74:
rpc:x:32:
rpcuser:x:29:
nfsnobody:x:65534:
mailnull:x:47:
smmsp:x:51:
pcap:x:77:
apache:x:48:
xfs:x:43:
named:x:25:
ntp:x:38:
gdm:x:42:
[root@samba bin]#
... I have only the local information. And this is my problem! I have searched
in the internet for solutions and tried a lot but nothing has solved it.
Now I reinstalled the hole system to this state. For all that I used the
Samba Howto.
Is it possible that the problem lies on one of the W2003 servers?
I will test your advices as soon as I can, but I'm not all the time in the
office.
Thanks a lot for those persons who try to help me, and sorry for my bad English!
best regards + God bless
Andreas Beyeler - Switzerland
andreasbeyeler@bluemail.ch
2004-Apr-28 05:47 UTC
[Samba] getent shows only local information
Hello
(I repostet this problem because the first time I sent it, it appeard as
an answer to another thread...)
I have installed Redhat Linux 9 and Samba 3.0.2a from the Source.
I have two Win2003 server for the domain "sambadomain.local":
PDC: rootserver
10.10.1.1 Subnet 255.255.0.0
DNS-Master: dnsserver
10.10.1.2 Subnet 255.255.0.0
Runs also dhcp and wins
I made the references to these two Servers (DNS, DHCP) in my Linux-Server.
Linux-Server: samba
10.10.1.4 Subnet 255.255.0.0
Here is my smb.conf File which is located in /usr/local/samba/lib:
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2004/04/21 10:03:48
# Global parameters
[global]
workgroup = SAMBADOMAIN
realm = SAMBADOMAIN.LOCAL
security = ADS
password server = ROOTSERVER.SAMBADOMAIN.LOCAL
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
I created the computer account with the following command:
net ads join -U Administrator
Then I gave the pw. I could see the new account in the active directory.
I did a test with kinit:
[root@samba bin]# /usr/java/j2re1.4.2_03/bin/kinit
Administrator@SAMBADOMAIN.LOCAL
Password for Administrator@SAMBADOMAIN.LOCAL:Password
New ticket is stored in cache file /tmp/krb5cc_0
[root@samba bin]#
My etc/krb5.conf File
[libdefaults]
default_realm = SAMBADOMAIN.LOCAL
[realms]
SAMBADOMAIN.LOCAL = {
kdc = rootserver.sambadomain.local
}
[domain_realm]
.sambadomain.local = SAMBADOMAIN.LOCAL
There was already a file named "libnss_winbind.so.2" and a link
"libnss_winbind.so"
which target is "libnss_winbind.so.2" I did nothing with these files.
I edited /etc/nsswitch.conf:
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries
you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files winbind
shadow: files
group: files winbind
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files
publickey: nisplus
automount: files
aliases: files nisplus
Then I run /usr/local/samba/bin/net rpc join -S ROOTSERVER -U Administrator
and gave my password:
[root@samba bin]# /usr/local/samba/bin/net rpc join -S ROOTSERVER -U
Administrator
Password:
Joined domain SAMBADOMAIN.
[root@samba bin]#
I startet smbd nmbd and winbindd and they are running:
[root@samba bin]# ps -ae|grep winbindd
2177 ? 00:00:00 winbindd
2178 ? 00:00:00 winbindd
[root@samba bin]# ps -ae|grep smbd
2180 ? 00:00:00 smbd
[root@samba bin]# ps -ae|grep nmbd
2179 ? 00:00:00 nmbd
[root@samba bin]#
I did not found any nscd running.
Now I executed the following commands and they succeded:
[root@samba bin]# /usr/local/samba/bin/wbinfo -u
SAMBADOMAIN+Administrator
SAMBADOMAIN+Gast
SAMBADOMAIN+SUPPORT_388945a0
SAMBADOMAIN+ROOTSERVER$
SAMBADOMAIN+krbtgt
SAMBADOMAIN+DNSSERVER$
SAMBADOMAIN+CLIENT-XP$
SAMBADOMAIN+SUSSERVER$
SAMBADOMAIN+win-xp
SAMBADOMAIN+CLIENT-XP2$
SAMBADOMAIN+HOST/samba
[root@samba bin]# /usr/local/samba/bin/wbinfo -g
SAMBADOMAIN+Dom?nencomputer
SAMBADOMAIN+Dom?nencontroller
SAMBADOMAIN+Schema-Admins
SAMBADOMAIN+Organisations-Admins
SAMBADOMAIN+Dom?nen-Admins
SAMBADOMAIN+Dom?nen-Benutzer
SAMBADOMAIN+Dom?nen-G?ste
SAMBADOMAIN+Richtlinien-Ersteller-Besitzer
SAMBADOMAIN+DnsUpdateProxy
SAMBADOMAIN+sambadomainuser
[root@samba bin]#
But when I run...
[root@samba bin]# /usr/bin/getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/bin/bash
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
[root@samba bin]# /usr/bin/getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
rpm:x:37:
floppy:x:19:
vcsa:x:69:
utmp:x:22:
nscd:x:28:
slocate:x:21:
sshd:x:74:
rpc:x:32:
rpcuser:x:29:
nfsnobody:x:65534:
mailnull:x:47:
smmsp:x:51:
pcap:x:77:
apache:x:48:
xfs:x:43:
named:x:25:
ntp:x:38:
gdm:x:42:
[root@samba bin]#
... I have only the local information. And this is my problem! I have searched
in the internet for solutions and tried a lot but nothing has solved it.
Now I reinstalled the hole system to this state. For all that I used the
Samba Howto.
Is it possible that the problem lies on one of the W2003 servers?
I will test your advices as soon as I can, but I'm not all the time in the
office.
Thanks a lot for those persons who try to help me, and sorry for my bad English!
best regards + God bless
Andreas Beyeler - Switzerland