I hope I'm submitting this to the right place....
Hello All,
I've been pouring over the groups for a couple of days now, and found a
few problems and setups similiar to mine, but I'm not having much luck
trying to resolve the issue. My setup currently is a RHFC4 Box running
Samba 3.0.21a-1 on a Win2k AD Domain.
Now I have no problem running "wbinfo -t -u or -g" I get listings of
groups and users. When I run "getent passwd" though all I get are
the
local users.
I have all the symbolic links and libnss_winbind.so files in /lib. I
get no errors in the winbindd log, I did notice the following error in
the smbd.log file in /var/logs/samba/ But I'm not sure what the deal
is.
I updated GCC, Krb5 just in case with yum. I had no problem adding the
machine to the domain, I just can't use getent to pull a listing or
access the share from any of the domain worstations without having a
local account on the RH box.
In the past using RHFC4 and a Win2k3 domain I've had no problems. So
I'm just baffeled right now. Maybe I've overlooked something. Maybe
it's something with the 2K domain. Any help is appriciated. If more
info is needed, or I'm way in left field just let me know.
I'll post my conf files below.
Thanks.
/var/log/samba/smbd.log snippet
[2006/02/06 16:30:28, 0] lib/util_sock.c:open_socket_in(823)
bind failed on port 445 socket_addr = 0.0.0.0.
Error = Address already in use
*** glibc detected *** smbd: free(): invalid pointer: 0x00f4cdb0 ***
======= Backtrace: ========/lib/libc.so.6[0x58f424]
/lib/libc.so.6(__libc_free+0x77)[0x58f95f]
/lib/libcom_err.so.2(remove_error_table+0x4b)[0x131abb]
/usr/lib/libkrb5.so.3[0xeea8c4]
/usr/lib/libkrb5.so.3[0xeea5c7]
/usr/lib/libkrb5.so.3[0xf3b9da]
/lib/ld-linux.so.2[0x11f058]
/lib/libc.so.6(exit+0xc5)[0x556c69]
smbd(main+0x697)[0xa1a323]
/lib/libc.so.6(__libc_start_main+0xc6)[0x540de6]
smbd[0x7d5081]
======= Memory map: =======
/etc/samba/smb.conf (minimal setup to test)
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
server string = Samba Server
security = ADS
password server = 192.168.0.4
log file = /var/log/samba/%m.log
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
winbind use default domain = Yes
[samba01]
comment = SambaTest
path = /samba01
read only = No
/etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = DOMAIN.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
DOMAIN.LOCAL = {
kdc = 192.168.0.4:88
admin_server = domain.domain.local:749
default_domain = domain.local
}
[domain_realm]
.domain.local = DOMAIN.LOCAL
domain.local = DOMAIN.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
/etc/nsswitch.conf
passwd: files winbind
shadow: files
group: files winbind
/etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_winbind.so
auth sufficient pam_unix.so use_first_pass
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session optional pam_console.so
# pam_selinux.so open should be the last session rule
session required pam_selinux.so multiple open
--
-Jon
www.jonparkins.com