I'm receiving the errors listed below. It also seems unable to map the root
user uid 0 with this filter. That's not that big of a deal.
Wbinfo -u and -g return output but getent passwd does not. This is Ubuntu 7
using debian packages.
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_alloc(131)
Finding user DOMAIN\chapman
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(75)
Trying _Get_Pwnam(), username as lowercase is DOMAIN\chapman
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(83)
Trying _Get_Pwnam(), username as given is DOMAIN\chapman
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(93)
Trying _Get_Pwnam(), username as uppercase is DOMAIN\CHAPMAN
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(102)
Checking combinations of 0 uppercase letters in DOMAIN\chapman
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(108)
Get_Pwnam_internals didn't find user [DOMAIN\chapman]!
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_alloc(131)
Finding user chapman
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(75)
Trying _Get_Pwnam(), username as lowercase is chapman
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(93)
Trying _Get_Pwnam(), username as uppercase is CHAPMAN
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(102)
Checking combinations of 0 uppercase letters in chapman
[2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(108)
Get_Pwnam_internals didn't find user [chapman]!
[2007/06/28 13:27:59, 1] smbd/sesssetup.c:reply_spnego_kerberos(439)
Username DOMAIN\chapman is invalid on this system
[2007/06/28 13:27:59, 3] smbd/error.c:error_packet_set(106)
error packet at smbd/sesssetup.c(444) cmd=115 (SMBsesssetupX)
NT_STATUS_LOGON_FAILURE
# Samba config file created using SWAT
# from 172.16.30.30 (172.16.30.30)
# Date: 2007/06/28 13:19:12
[global]
workgroup = DOMAIN
realm = DOMAIN.COM
security = ADS
passdb backend = tdbsam
log level = 10
load printers = No
ldap ssl = no
idmap domains = ALLDOMAINS
winbind enum users = Yes
winbind enum groups = Yes
idmap config ALLDOMAINS:range = 0 - 20000
idmap config ALLDOMAINS:default = yes
idmap config ALLDOMAINS:backend = ad
[data]
path = /data
read only = No
[test2]
path = /data
I'm using the following settings and its working for me now
idmap domains = ALLDOMAINS
idmap config ALLDOMAINS:backend = ad
idmap config ALLDOMAINS:default = yes
idmap config ALLDOMAINS:range = 10000 - 20000
winbind nss info = rfc2307
My problem was that it without the winbind nss info it was pulling the
windows default groups which did not have RFC2307 attributes. Once I gave
them attributes it started working then with help from Jerry I realized how
to make it pull the rfc2307 fields instead. Once I cleared my winbind cache
all worked great.
-----Original Message-----
From: Diego Julian Remolina [mailto:diego.remolina@ibb.gatech.edu]
Sent: Friday, June 29, 2007 9:14 AM
To: David W. Chapman Jr.
Cc: samba@lists.samba.org
Subject: Re: [Samba] 3.0.25a && rfc2307
I experienced the same behavior after upgrading to 3.0.25a and adding the
idmap entries for my
domain. As you can see, the entries below from my smb.conf are commented
out. With the entries
commented out, everything works.
idmap uid = 10000-200000
idmap gid = 10000-200000
#idmap domains = PRAXIS3
#idmap config PRAXIS3: default = yes
#idmap config PRAXIS3: backend = tdb
#idmap config PRAXIS3: range = 10000 - 200000
How did I notice the problem?
1- I upgraded to 3.0.25a
2- Everything seemed to be ok until the moment I added a new user to AD
3- wbinfo -u would list the user, but getent passwd would not. Also, even
when wbinfo -u would list
all users, including the new one, wbinfo -i newusername would not provide
any information.
4. I commented out the idmap fields, restarted samba and winbind, and sure
enough all information
was there afterwards.
I did not debug this more since it is working and I only have one domain. I
am not sure if this may
hint that there is a bug, but I will be happy to test this time permiting if
I receive proper
instructions.
Diego
David W. Chapman Jr. wrote:> I'm receiving the errors listed below. It also seems unable to map the
root> user uid 0 with this filter. That's not that big of a deal.
>
> Wbinfo -u and -g return output but getent passwd does not. This is Ubuntu
7> using debian packages.
>
>
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_alloc(131)
> Finding user DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(75)
> Trying _Get_Pwnam(), username as lowercase is DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(83)
> Trying _Get_Pwnam(), username as given is DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(93)
> Trying _Get_Pwnam(), username as uppercase is DOMAIN\CHAPMAN
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(102)
> Checking combinations of 0 uppercase letters in DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(108)
> Get_Pwnam_internals didn't find user [DOMAIN\chapman]!
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_alloc(131)
> Finding user chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(75)
> Trying _Get_Pwnam(), username as lowercase is chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(93)
> Trying _Get_Pwnam(), username as uppercase is CHAPMAN
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(102)
> Checking combinations of 0 uppercase letters in chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(108)
> Get_Pwnam_internals didn't find user [chapman]!
> [2007/06/28 13:27:59, 1] smbd/sesssetup.c:reply_spnego_kerberos(439)
> Username DOMAIN\chapman is invalid on this system
> [2007/06/28 13:27:59, 3] smbd/error.c:error_packet_set(106)
> error packet at smbd/sesssetup.c(444) cmd=115 (SMBsesssetupX)
> NT_STATUS_LOGON_FAILURE
>
>
> # Samba config file created using SWAT
> # from 172.16.30.30 (172.16.30.30)
> # Date: 2007/06/28 13:19:12
>
> [global]
> workgroup = DOMAIN
> realm = DOMAIN.COM
> security = ADS
> passdb backend = tdbsam
> log level = 10
> load printers = No
> ldap ssl = no
> idmap domains = ALLDOMAINS
> winbind enum users = Yes
> winbind enum groups = Yes
> idmap config ALLDOMAINS:range = 0 - 20000
> idmap config ALLDOMAINS:default = yes
> idmap config ALLDOMAINS:backend = ad
>
> [data]
> path = /data
> read only = No
>
> [test2]
> path = /data
>
I experienced the same behavior after upgrading to 3.0.25a and adding the idmap
entries for my
domain. As you can see, the entries below from my smb.conf are commented out.
With the entries
commented out, everything works.
idmap uid = 10000-200000
idmap gid = 10000-200000
#idmap domains = PRAXIS3
#idmap config PRAXIS3: default = yes
#idmap config PRAXIS3: backend = tdb
#idmap config PRAXIS3: range = 10000 - 200000
How did I notice the problem?
1- I upgraded to 3.0.25a
2- Everything seemed to be ok until the moment I added a new user to AD
3- wbinfo -u would list the user, but getent passwd would not. Also, even when
wbinfo -u would list
all users, including the new one, wbinfo -i newusername would not provide any
information.
4. I commented out the idmap fields, restarted samba and winbind, and sure
enough all information
was there afterwards.
I did not debug this more since it is working and I only have one domain. I am
not sure if this may
hint that there is a bug, but I will be happy to test this time permiting if I
receive proper
instructions.
Diego
David W. Chapman Jr. wrote:> I'm receiving the errors listed below. It also seems unable to map the
root
> user uid 0 with this filter. That's not that big of a deal.
>
> Wbinfo -u and -g return output but getent passwd does not. This is Ubuntu
7
> using debian packages.
>
>
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_alloc(131)
> Finding user DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(75)
> Trying _Get_Pwnam(), username as lowercase is DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(83)
> Trying _Get_Pwnam(), username as given is DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(93)
> Trying _Get_Pwnam(), username as uppercase is DOMAIN\CHAPMAN
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(102)
> Checking combinations of 0 uppercase letters in DOMAIN\chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(108)
> Get_Pwnam_internals didn't find user [DOMAIN\chapman]!
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_alloc(131)
> Finding user chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(75)
> Trying _Get_Pwnam(), username as lowercase is chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(93)
> Trying _Get_Pwnam(), username as uppercase is CHAPMAN
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(102)
> Checking combinations of 0 uppercase letters in chapman
> [2007/06/28 13:27:59, 5] lib/username.c:Get_Pwnam_internals(108)
> Get_Pwnam_internals didn't find user [chapman]!
> [2007/06/28 13:27:59, 1] smbd/sesssetup.c:reply_spnego_kerberos(439)
> Username DOMAIN\chapman is invalid on this system
> [2007/06/28 13:27:59, 3] smbd/error.c:error_packet_set(106)
> error packet at smbd/sesssetup.c(444) cmd=115 (SMBsesssetupX)
> NT_STATUS_LOGON_FAILURE
>
>
> # Samba config file created using SWAT
> # from 172.16.30.30 (172.16.30.30)
> # Date: 2007/06/28 13:19:12
>
> [global]
> workgroup = DOMAIN
> realm = DOMAIN.COM
> security = ADS
> passdb backend = tdbsam
> log level = 10
> load printers = No
> ldap ssl = no
> idmap domains = ALLDOMAINS
> winbind enum users = Yes
> winbind enum groups = Yes
> idmap config ALLDOMAINS:range = 0 - 20000
> idmap config ALLDOMAINS:default = yes
> idmap config ALLDOMAINS:backend = ad
>
> [data]
> path = /data
> read only = No
>
> [test2]
> path = /data
>