I have configured samba like member of AD, if i type in console 'wbinfo -u' y get all user of my AD, if type in console 'wbinfo -g' y get all groups too. It's correct but if i type 'getent passwd' or 'getent group' don't get any user or group of my AD... why??? * in nsswitch.conf appears: passws: files winbind group: files winbind shadow: files winbind i execute ldconfig for apply all changes of nsswitch.conf i have libnss_winbind.so and libnss_winbind.so.2 in /lib * smbd version is 3.0.25b and i compile this with arguments: --with-winbind --with-krb5=/usr/lib --with-ads * smb.conf: workgroup = DOMAIN realm = DOMAIN.INT netbios name = samba1 preferred master = no client schannel = no security = ADS password server = * idmap uid = 10000-250000 idmap gid = 10000-250000 winbind uid = 10000-250000 winbind gid = 10000-250000 winbind separator = + winbind enum users = yes winbind enum groups = yes * klist Default principal: administrator@DOMAIN.INT Valid starting Expires Service principal 07/11/07 12:26:17 07/11/07 22:26:18 krbtgt/DOMAIN.INT@DOMAIN.INT renew until 07/12/07 12:26:17 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached
> -----Messaggio originale----- > Da: samba-bounces+gianlucaculot=dmsware.com@lists.samba.org > [mailto:samba-bounces+gianlucaculot=dmsware.com@lists.samba.or > g] Per conto di Roberto Lizana > Inviato: mercoled? 11 luglio 2007 13.26 > A: samba@lists.samba.org > Oggetto: [Samba] cannot autenticate user in AD > > I have configured samba like member of AD, if i type in > console 'wbinfo -u' y get all user of my AD, if type in > console 'wbinfo -g' y get all groups too. It's correct but if > i type 'getent passwd' or 'getent group' > don't get any user or group of my AD... why??? > > * in nsswitch.conf appears: > passws: files winbind > group: files winbind > shadow: files winbind > > i execute ldconfig for apply all changes of nsswitch.conf > > i have libnss_winbind.so and libnss_winbind.so.2 in /lib > > * smbd version is 3.0.25b and i compile this with arguments: > --with-winbind --with-krb5=/usr/lib --with-ads > > * smb.conf: > workgroup = DOMAIN > realm = DOMAIN.INT > netbios name = samba1 > preferred master = no > client schannel = no > security = ADS > password server = * > idmap uid = 10000-250000 > idmap gid = 10000-250000 > winbind uid = 10000-250000 > winbind gid = 10000-250000 > winbind separator = + > winbind enum users = yes > winbind enum groups = yes > > > * klist > Default principal: administrator@DOMAIN.INT > > Valid starting Expires Service principal > 07/11/07 12:26:17 07/11/07 22:26:18 krbtgt/DOMAIN.INT@DOMAIN.INT > renew until 07/12/07 12:26:17 > > > Kerberos 4 ticket cache: /tmp/tkt0 > klist: You have no tickets cached > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: lists.samba.org/mailman/listinfo/samba >Hello Roberto I'm not a Samba Expert, so ... Make backups before trying what I suggest :D I don't like two settings in your smb.conf password server = * >>> I'd specify an address or a name which CAN be sonved by DNS winbind separator = + >>> YOU REALLY SURE ? I'd suppress this with a comment # Hope this helps Be well Gianluca