I have upgraded to samba 3.0.25 on a Debian Etch system and I am using
winbind to authenticate against active directory.
It used to work just fine with 3.0.24, wbinfo showed all users and
groups, getent used to show all users and groups, and I could 'su' and
do all sorts of fun stuff using domain accounts on my Debian box.
 
Using V3.0.25, wbinfo still reports everything as good, but getent won't
return domain users and passwords. Now I can't use domain accounts for
anything.
 
Here is my nsswitch.conf:
 
passwd:         files winbind
group:          files winbind
shadow:         files winbind
 
hosts:          files dns winbind
networks:       files winbind
 
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
 
netgroup:       nis
 
and here is my samba config:
 
[global]
        netbios name = Solidus
        workgroup = MARKETSCAN
        realm = MARKETSCAN.COM
        server string = %h Samba server, %v
        interfaces = lo, eth0
        bind interfaces only = Yes
        security = ADS
        encrypt passwords = yes
        password server = *
        obey pam restrictions = Yes
        passdb backend = tdbsam
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        name resolve order = lmhosts host bcast
        os level = 2
        preferred master = No
        local master = No
        domain master = No
        dns proxy = No
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template homedir = /home/MARKETSCAN/%U
        template shell = /bin/bash
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
 
[homes]
        comment = Home Directories
        path = /home/MARKETSCAN/%U
        valid users = %D\%U
        read only = No
        create mask = 0700
        directory mask = 0700
        browseable = No
 
[public]
        comment = Public Share on %h
        path = /home/samba/public
        valid users = +sa, @"MARKETSCAN\ggutierrez"
        read only = No
        create mask = 0775
        directory mask = 0775
 
[printers]
        comment = All Printers
        path = /var/spool/samba
        create mask = 0700
        printable = Yes
        browseable = No
 
[print$]
        comment = Printer Drivers
        path = /var/lib/samba/printers
 
Please help, I really want to be able to keep using Debian with ADS
authentication.
 
Guillermo Gutierrez
Network Administrator
Market Scan Information Systems, Inc.
(818) 575-2017
ggutierrez@marketscan.com