I'm running Samba version Version 3.0.25b-1.el5_1.2 on RH Enterprise Linux 5. I've configured the SMB server to get users from a Windows 2003 Server Active Directory tree. I was able to join the machine to the domain with no problem. Here's the smb.conf Quote: [global] idmap gid = 60000-90000 winbind trusted domains only = yes encrypt passwords = yes show add printer wizard = No winbind use default domain = Yes realm = <domain> netbios name = <servername> printing = cups idmap uid = 10000-50000 password server = <dcname> workgroup = <domain> os level = 20 printcap name = cups security = domain winbind separator = \ disable spoolss = Yes winbind enum groups = yes winbind enum users = yes My nsswitch.conf has the following; Quote: passwd: files winbind shadow: files group: files winbind wbinfo -u and wbinfo-g work well, returning a list of users and groups. However, when I issue 'getent passwd' my winbind log (/var/log/samba/winbindd.log) shows a long list of the following and no users are added to the passwd db; Quote: [2007/12/04 12:11:03, 1] nsswitch/winbindd_ads.c:query_user_list(209) Not a user account? atype=0x30000000 Not sure where to go from here. Any help or hints would be appreciated. Jamie Gordon QA Manager WideOrbit jgordon@wideorbit.com <mailto:jgordon@wideorbit.com> "You can't make what you can't measure, 'cause you don't know when you've got it made."
> wbinfo -u and wbinfo-g work well, returning a list of users and groups. > However, when I issue 'getent passwd' my winbind log > (/var/log/samba/winbindd.log) shows a long list of the following and no > users are added to the passwd db;Perhaps I misunderstand you, but getent is a query tool, not something that you use to add entries to /etc/passwd or /etc/group. If you wanted to use it to add entries, you'd need to do something like: getent passwd | grep "YOURDOMAIN+" >> /etc/passwd But, then that would defeat the purpose of using winbind anyway. Hope this helps, Nathan VanHoudnos
You need to add idmap uid with the same range as the gid, well at least that is what I've always have done. Jamie Gordon wrote:> I'm running Samba version Version 3.0.25b-1.el5_1.2 on RH Enterprise > Linux 5. I've configured the SMB server to get users from a Windows 2003 > Server Active Directory tree. I was able to join the machine to the > domain with no problem. > > Here's the smb.conf > > Quote: > > [global] > idmap gid = 60000-90000 > winbind trusted domains only = yes > encrypt passwords = yes > show add printer wizard = No > winbind use default domain = Yes > realm = <domain> > netbios name = <servername> > printing = cups > idmap uid = 10000-50000 > password server = <dcname> > workgroup = <domain> > os level = 20 > printcap name = cups > security = domain > winbind separator = \ > disable spoolss = Yes > winbind enum groups = yes > winbind enum users = yes > > My nsswitch.conf has the following; > > Quote: > > passwd: files winbind > shadow: files > group: files winbind > > > wbinfo -u and wbinfo-g work well, returning a list of users and groups. > However, when I issue 'getent passwd' my winbind log > (/var/log/samba/winbindd.log) shows a long list of the following and no > users are added to the passwd db; > > Quote: > > [2007/12/04 12:11:03, 1] nsswitch/winbindd_ads.c:query_user_list(209) > Not a user account? atype=0x30000000 > > Not sure where to go from here. Any help or hints would be appreciated. > > > > Jamie Gordon > > QA Manager > > WideOrbit > > jgordon@wideorbit.com <mailto:jgordon@wideorbit.com> > > > > "You can't make what you can't measure, 'cause you don't know when > you've got it made." > > > >