On 3/13/07, Marc Muehlfeld <Marc.Muehlfeld@medizinische-genetik.de>
wrote:>
> Hello,
>
> I have two Samba Domains and each trust each other (PDCs run 3.0.22). Also
> I have a samba member server (3.0.24) that runs winbind. When I use wbinfo
> I can see the user and groups of both domains. I also can chown/chgrp
> files with users of the domain the server is member of. But I can`t
> chown/chgrp with accounts of the trusted domain. chown doesn`t work at
> all. chgrp works, but then only the gid (from winbind) is shown:
>
>
> # chown "TRUSTDOM+muehlfeld" file.txt
> chown: `TRUSTDOM+muehlfeld': invalid user
>
> # chgrp "TRUSTDOM+group" file.txt
> # ls -la file.txt
> -rw-r--r-- 1 root 10051 0 Mar 8 12:32 file.txt
>
>
> I also have a Win2003r2 Member Server. When I add rights to a file for a
> user of the trusted domain, I see the name. But when I close the window
> and then open it again, the name of the user/group changed into the SID.
>
>
> So I guess it`s a problem or misconfiguration from the two PDCs, and not
> of the member servers.
>
>
> This are my winbind settings:
>
> idmap backend = ldap:ldap://192.168.29.4
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind separator = +
> winbind enum users = yes
> winbind enum groups = yes
> template homedir = /home/%U
> template shell = /bin/false
> winbind nested groups = yes
> winbind cache time = 300
> winbind nss info = template
> winbind use default domain = yes
> winbind trusted domains only = yes
>
>
> Any idea what could be wrong?
>
>
> Also one more question: Any plans, when winbind on a PDC could handle
> local users and from the trusted domains?
>
>
> Best regards
> Marc Muehlfeld
>
>
> --
> Marc Muehlfeld
> Zentrum fuer Humangenetik und Laboratoriumsmedizin Dr. Klein und Dr. Rost
> Lochhamer Str. 29 - D-82152 Martinsried
> Telefon: +49(0)89/895578-0 - Fax: +49(0)89/895578-78
> http://www.medizinische-genetik.de
I am witnessing the same thing. Are you seeing core dumps in
/var/log/messages?
####################
Hi all,>
> smbd -V: Version 3.0.23d-19.2-1179-SUSE-SL10.2
>
> I'm seeing a core dump in /var/log/messages when trying to access the
> security tab from Windows when I have Active Directory users and groups
> assigned to the Linux file system.
>
> I can replicate this each time by doing the following.
>
> Change the permissions on the Linux directory I have specified as a share
> in smb.conf.
>
> ls -ltr /dir/
> drwxrwxrwx 2 root users 4096
> 2007-03-10 09:17 shared
>
> With these setting I can access the security tab from Windows without
> seeing any errors in the messages log.
>
> Permissions from the security tab show up as:
>
> Everyone
> root (Unix User\root)
> users (Unix Group\users)
>
> Now, I change permissions on the file system to:
>
> chown -R "DOMAIN\administrator" shared/ && chgrp -R
"DOMAIN\domain users"
> shared/
>
> ls -ltr /dir/
> drwxrwxrwx 2 DOMAIN\administrator DOMAIN\domain users 4096 2007-03-10
> 09:17 shared
>
> Next, go back to access the security tab on the share while tailing the
> messages log. I receive this:
>
> The log below doesn't get created until I click on the security tab.
>
> [2007/03/10 10
> ==============================================================>
[2007/03/10 10
> INTERNAL ERROR
> Please read the Trouble-Shooting section of the Samba3-HOWTO
> [2007/03/10 10
>
> From
> [2007/03/10 10
> ==============================================================>
[2007/03/10 10
> PANIC (pid 13523)
> [2007/03/10 10
> BACKTRACE
> #0 /usr/sbin/smbd(log_stack_trace+0x2d) [0x8021661d]
> #1 /usr/sbin/smbd(smb_panic+0x5d) [0x8021674d]
> #2 /usr/sbin/smbd [0x8020250a]
> #3 [0xb7f9a420]
> #4 /lib/libc.so.6(abort+0x101) [0xb7af8801]
> #5 /usr/sbin/smbd [0x8021c9f6]
> #6 /usr/sbin/smbd(talloc_steal+0x3a) [0x8021cbca]
> #7 /usr/sbin/smbd(lookup_sids+0x3aa) [0x801d3bca]
> #8 /usr/sbin/smbd [0x80106dc1]
> #9 /usr/sbin/smbd(_lsa_lookup_sids2+0x12d) [0x8010741d]
> #10 /usr/sbin/smbd [0x80103621]
> #11 /usr/sbin/smbd(api_rpcTNP+0x198) [0x80160ae8]
> #12 /usr/sbin/smbd(api_pipe_request+0x19e) [0x8016113e]
> #13 /usr/sbin/smbd [0x8015cbcf]
> #14 /usr/sbin/smbd [0x8015d10c]
> #15 /usr/sbin/smbd(write_to_pipe+0x6e) [0x8015b93e]
> #16 /usr/sbin/smbd [0x8005ee81]
> #17 /usr/sbin/smbd [0x8005f3b6]
> #18 /usr/sbin/smbd(reply_trans+0x5e0) [0x8005fcc0]
> #19 /usr/sbin/smbd [0x800b3d40]
> #20 /usr/sbin/smbd(smbd_process+0x78b) [0x800b4e3b]
> #21 /usr/sbin/smbd(main+0xbd0) [0x802bebf0]
> #22 /lib/libc.so.6(__libc_start_main+0xdc) [0xb7ae3f9c]
> #23 /usr/sbin/smbd [0x80042d91]
> [2007/03/10 10
> unable to change to /var/log/samba/cores/smbdrefusing to dump core
> [2007/03/10 10
> ==============================================================>
[2007/03/10 10
> INTERNAL ERROR
> Please read the Trouble-Shooting section of the Samba3-HOWTO
> [2007/03/10 10
>
> From
> [2007/03/10 10
> ==============================================================>
[2007/03/10 10
> PANIC (pid 13524)
> [2007/03/10 10
> BACKTRACE
> #0 /usr/sbin/smbd(log_stack_trace+0x2d) [0x8021661d]
> #1 /usr/sbin/smbd(smb_panic+0x5d) [0x8021674d]
> #2 /usr/sbin/smbd [0x8020250a]
> #3 [0xb7f9a420]
> #4 /lib/libc.so.6(abort+0x101) [0xb7af8801]
> #5 /usr/sbin/smbd [0x8021c9f6]
> #6 /usr/sbin/smbd(talloc_steal+0x3a) [0x8021cbca]
> #7 /usr/sbin/smbd(lookup_sids+0x3aa) [0x801d3bca]
> #8 /usr/sbin/smbd [0x80106dc1]
> #9 /usr/sbin/smbd(_lsa_lookup_sids2+0x12d) [0x8010741d]
> #10 /usr/sbin/smbd [0x80103621]
> #11 /usr/sbin/smbd(api_rpcTNP+0x198) [0x80160ae8]
> #12 /usr/sbin/smbd(api_pipe_request+0x19e) [0x8016113e]
> #13 /usr/sbin/smbd [0x8015cbcf]
> #14 /usr/sbin/smbd [0x8015d10c]
> #15 /usr/sbin/smbd(write_to_pipe+0x6e) [0x8015b93e]
> #16 /usr/sbin/smbd [0x8005ee81]
> #17 /usr/sbin/smbd [0x8005f3b6]
> #18 /usr/sbin/smbd(reply_trans+0x5e0) [0x8005fcc0]
> #19 /usr/sbin/smbd [0x800b3d40]
> #20 /usr/sbin/smbd(smbd_process+0x78b) [0x800b4e3b]
> #21 /usr/sbin/smbd(main+0xbd0) [0x802bebf0]
> #22 /lib/libc.so.6(__libc_start_main+0xdc) [0xb7ae3f9c]
> #23 /usr/sbin/smbd [0x80042d91]
> [2007/03/10 10
> unable to change to /var/log/samba/cores/smbdrefusing to dump core
>
> P.S. I'm really new to SAMBA as a domain member server and I don't
want to
> waste anyone's time with useless information. So, if there is more
> information or further debugging needed before I post let me know...
>
> Thanks in advance...
>