Hi all!
Im using samba 3.0.23c from debian backports and I finding some problems,
this host has worked flawlessly since a a few months ago. But now stopped to
work properly.
My versions are:
ii winbind 3.0.23c-1~bpo.1 service to resolve user
and group information from Windows N
ii samba 3.0.23c-1~bpo.1 a LanManager-like file and
printer server for Unix
ii samba-common 3.0.23c-1~bpo.1 Samba common files used by
both the server and the client
My confs are the following
/etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this
file.
passwd: compat winbind [NOTFOUND=return] db
group: compat winbind [NOTFOUND=return] db
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
[global]
workgroup = IBEU
realm = IBEU.ORG.BR
server string = Servidor de arquivos central
security = ADS
password server = ibeu_nt2 ibeu_nt 10.1.1.238 10.1.1.231
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
username map = /etc/samba/users.map
username level = 8
log level = 4
#vfs:2
syslog = 0
syslog only = 0
log file = /var/log/samba/log.%m.%U
max log size = 0
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M %u
logon script = scripts\startup.bat
logon path = \\%L\profiles\%u\%m
logon drive = F:
logon home = \\%L\%u\.win_profile\%m
os level = 6
preferred master = No
local master = No
domain master = No
wins server = 10.1.1.238
remote announce = 10.1.1.255/IBEU
remote browse sync = 10.1.1.255
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
template homedir = /dados/home/%U
template shell = /dev/null
winbind separator = /
winbind use default domain = Yes
# recycle:maxsize = 10240000
# recycle:touch = no
# recycle:keeptree = yes
# recycle:repository = /dados/lixeira
invalid users = root
printer admin = @admins
acl group control = Yes
inherit permissions = Yes
inherit acls = Yes
printing = cups
print command lpq command = %p
lprm command # vfs objects = recycle
#extd_audit
[homes]
comment = Home Directories
read only = No
create mask = 0700
directory mask = 0700
browseable = No
[profiles]
path = /dados/profiles
read only = No
create mask = 0600
directory mask = 070
[IPC$]
path = /tmp
read only = No
guest ok = Yes
[printers]
comment = All Printers
path = /tmp
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
write list = root, @admins
behind this only user shares (I have commented out somethings because im
trying to find out where is the problem)
Samba and winbind is running (ps aux show them)
Users can connect on shares etc..
Here is some command output
zaphod:/etc/samba# wbinfo -p
Ping to winbindd succeeded on fd 4
zaphod:/etc/samba# wbinfo -u
full user list . . . .
zaphod:/etc/samba# wbinfo -g
full group list...
BUT!
zaphod:/etc/samba# getent passwd
just show /etc/passwd users
zaphod:/etc/samba# getent group
just show /etc/group users
Weirdest thing!!
zaphod:/etc/samba# getent passwd igormorgado
igormorgado:*:10000:10000:Igor Morgado:/dados/home/igormorgado:/dev/null
zaphod:/etc/samba# getent group admins
admins:x:10003:servicos,vhogemann,igormorgado,lidia,diogo,nelson,admin,ramos,eliane,JEANNE,Administrador
Retrieve winbind data!!
Even more weirdest!
zaphod:/etc/samba# id igormorgado
uid=10000(igormorgado) gid=10000(Domain Users) grupos=10000(Domain Users)
it list only the my primary group not all groups but as you could notice i'm
on admins group too.
More data:
zaphod:/etc/samba# nss_updatedb winbind
Failed to enumerate nameservice: Success
passwd... nameservice unavailable.
I have tried to remove winbind cache file (as ||cw told me on irc channel)
but didn't helped.
There is no pam configuration about winbind this is because I didn't need
unix authenticating on winbind or anything like. (just users on samba)
I have other host with same configuration but using this versions:
ii winbind 3.0.14a-3sarge1 service to resolve user
and group information from Windows N
ii samba 3.0.14a-3sarge1 a LanManager-like file and
printer server for Unix
ii samba-common 3.0.14a-3sarge1 Samba common files used by
both the server and the client
But i need some options in samba 3.0.22 (as acl group control and inherit).