sysrm
2005-May-09 09:42 UTC
[Samba] Samba+ldap, Getent and AD (aka the good bad and the downright ugly)
Hi all. I have managed to join my samba server to an AD domain. I can now join using the net command and get various other bits of info. Wbinfo -u /g/t etc works nps Getent however doesn't. This is my question: By reading various emails over the last 2 weeks and various howtos etc In order to share users and passwords etc all I need to do is edit the nsswitch.conf To passwd: compat winbind shadow: compat group: compat winbind Or passwd: files winbind shadow: files group: files winbind Then getent passwd SHOULD show the local passwd file AND the AD user file? I don't need to do the pam auth stuff for this to work? Is this correct or have I lost the plot (and very nearly the will to live??) Please someone take pity on this poor fool. Im running RH ES3 and samba 3.0.14a configured with --prefix=/usr/local/samba --with-ldap --with-ads --with-krb5 --with-pam --with-winbind Thanks Ross
sysrm
2005-May-09 14:06 UTC
SOLVED RE: [Samba] Samba+ldap, Getent and AD (aka the good bad and the downright ugly)
Ok, went back through all the documentation (NB might be worth the doc writer of http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html#id25 97045 putting something in about this) By default redhat installed samba (even tho I told it not to) so I did the rpm -e samba-* Then built it by hand and installed it (as per the above document) looked in /lib and there was a libnss_winbind.so and .so.2 already, so figured that make install had put them in there..... Wrong :/ It must have been from the previous default install Before [root@dev1 lib]# ls -l libnss_winbind.so* lrwxr-xr-x 1 root root 19 Jul 21 2004 libnss_winbind.so -> libnss_winbind.so.2 -rwxr-xr-x 1 root root 13832 Sep 25 2003 libnss_winbind.so.2 After.... [root@dev1 lib]# cp /usr/local/src/samba-3.0.14a/source/nsswitch/libnss_winbind.so ./libnss_winbind.so.2 [root@dev1 lib]# ls -l libnss_winbind.so* lrwxr-xr-x 1 root root 19 Jul 21 2004 libnss_winbind.so -> libnss_winbind.so.2 -rwxr-xr-x 1 root root 19507 May 9 15:01 libnss_winbind.so.2 Getent passwd now shows domain users etc. I doubt this will be the last problem, but im a heck of way further than I was 20 mins ago :) Cheers Ross -----Original Message----- From: samba-bounces+sysrm=stvincent.ac.uk@lists.samba.org [mailto:samba-bounces+sysrm=stvincent.ac.uk@lists.samba.org] On Behalf Of sysrm Sent: 09 May 2005 10:51 To: Samba Subject: [Samba] Samba+ldap,Getent and AD (aka the good bad and the downright ugly) Hi all. I have managed to join my samba server to an AD domain. I can now join using the net command and get various other bits of info. Wbinfo -u /g/t etc works nps Getent however doesn't. This is my question: By reading various emails over the last 2 weeks and various howtos etc In order to share users and passwords etc all I need to do is edit the nsswitch.conf To passwd: compat winbind shadow: compat group: compat winbind Or passwd: files winbind shadow: files group: files winbind Then getent passwd SHOULD show the local passwd file AND the AD user file? I don't need to do the pam auth stuff for this to work? Is this correct or have I lost the plot (and very nearly the will to live??) Please someone take pity on this poor fool. Im running RH ES3 and samba 3.0.14a configured with --prefix=/usr/local/samba --with-ldap --with-ads --with-krb5 --with-pam --with-winbind Thanks Ross -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba