Jose Santiago Oyervides
2007-Dec-12 19:35 UTC
[Samba] Cannot see trusted domains (getfacl or setfacl)
Hi, I have a samba server (version 3.0.28). I have joined my server to my domain with no problems. Since I will have postfix in my machine, (to relay mails externally) I configured my /etc/resolv.conf with my external dns first and later my internal dns. The problem is that when I try to apply acl permissions on some folder (using setfacl) I cannot see the trusted domains, If I comment out the entries in my resolv.conf of the external dns servers, it works fine, the same for getfacl, I need to comment out the external dns in order to view the permissions. I only see the uid numbers (group:10007:rwx instead of group:domain\group:rwx) I have configured my samba server to first lookup my lmhosts and in the lmhosts I have the netbios name for all trusted domains, but It seems, samba (or winbind) is looking up directly my resolv.conf file ignoring my lmhosts file. Does someone know why could have been happening this? Is there a way getfacl and setfacl look first in my lmhosts and hosts file? Regards, Jose Oyervides. This is my config files: smb.conf [global] workgroup = MYDOMAIN netbios name = MYSERVERNAME #server string = Samba Server %v security = ADS password server = 192.168.0.1 192.168.0.2 192.168.0.3 encrypt passwords = Yes wins server = 192.168.0.20 192.168.0.21 local master = no domain master = no preferred master = no log level =3 log file = /var/log/samba/%m.log max log size = 1000 idmap uid = 10000-60000 idmap gid = 10000-60000 winbind enum users = yes winbind enum groups = yes realm = MYREALM.COMPANY.COM winbind use default domain = Yes interfaces = 127.0.0.1/255.0.0.0 192.168.0.25/255.255.240.0 template shell = /bin/bash template homedir = /home//%D/%U username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 name resolve order = lmhosts wins bcast bind interfaces only = yes nsswitch.conf passwd: files winbind shadow: files group: files winbind hosts: files wins dns winbind krb5.conf [realms] MYREALM.COMPANY.COM = { kdc = SERVER1.COMPANY.COM } MYTRUSTEDDOMAIN.COMPANY.COM = { kdc = SERVER23.COMPANY.COM } resolv.conf domain MYDOMAIN nameserver (external dns) nameserver (external dns) nameserver (internal dns) nameserver (internal dns) search MYDOMAIN.COMPANY.COM search MYTRUSTEDDOMAIN.COMPANY.COM lmhosts MYDOMAINDC 192.168.0.1 MYDOMAINTRUSTED 192.168.0.20
Reasonably Related Threads
- 6434606 getfacl/setfacl of files/dirs over NFSv4 with ZFS underneath fail
- How does one "look at AD" in Samba4.1?
- Joining Samba4 to Win 2008 AD domain breaks other kerberos functions
- Joining Samba4 to Win 2008 AD domain breaks other kerberos functions
- errors from ads_krb5_mk_req errors and util_sock.c:send_smb