Bostjan Müller
2006-Sep-12 10:58 UTC
[Samba] Samba domain member server does not see list of users from PDC
Hi, I have some problems with the following setup: DOM1 (PDC) -> DOM2 (PDC) <->DOM2(Member server) The users and groups from DOM1 (MS WinNT4 domain) are nicely visible on Samba PDC (DOM2) with established trust, but domain member server in DOM2 domain does not show any users from the DOM1 domain (only users from DOM2 are visible), BUT!! users from DOM1 can login to it and access shares upload/download files. Member server is running winbind and it can see all of the DOM2 users and groups with wbinfo and with getent commands, but NONE of DOM1 users or groups can be listed on it. The problem is, that I cannot set any rights/ACL's on files because of that. Can anyone please advise me as to what I can do to make users and groups from trusted domain visible also on the member server? Thank you in advance, Regards, Bostjan -- buhdej evridej
Felipe Augusto van de Wiel
2006-Sep-18 13:32 UTC
[Samba] Samba domain member server does not see list of users from PDC
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/12/2006 07:57 AM, Bostjan M?ller escreveu:> Hi, > > I have some problems with the following setup: > DOM1 (PDC) -> DOM2 (PDC) <->DOM2(Member server) > > The users and groups from DOM1 (MS WinNT4 domain) are nicely visible > on Samba PDC (DOM2) with established trust, but domain member server > in DOM2 domain does not show any users from the DOM1 domain (only > users from DOM2 are visible), BUT!! users from DOM1 can login to it > and access shares upload/download files. > Member server is running winbind and it can see all of the DOM2 users > and groups with wbinfo and with getent commands, but NONE of DOM1 > users or groups can be listed on it. > > The problem is, that I cannot set any rights/ACL's on files because of > that. > > Can anyone please advise me as to what I can do to make users and > groups from trusted domain visible also on the member server?Don't you need winbind on that kind of situation? Or, if you are using LDAP, maybe an LDAP slave or LDAP configuration in your libnss.> Thank you in advance, > Regards, > BostjanKind regards, - -- Felipe Augusto van de Wiel <felipe@paranacidade.org.br> Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFDp/CCj65ZxU4gPQRAjE7AJ9RW6S9Gqhw7Y0gqEAZEuXlXb44ugCgr8Hn IBHdV+pC0FDtrPLtxvp9SPo=VQus -----END PGP SIGNATURE-----