David Touzeau
2011-Aug-18 09:18 UTC
[Samba] 3.5.11: active directory: getent did not see users
Dear all, I think there is a misconfiguration here; can anybody help me? I have a "Could not convert sid" issue:

wbinfo -t
checking the trust secret for domain AD2003 via RPC calls succeeded
root@nas03:~# wbinfo -n AD2003/gch
S-1-5-21-1430701326-2212591448-2995707960-1119 SID_USER (1)
root@nas03:~# wbinfo -s S-1-5-21-1430701326-2212591448-2995707960-1119
AD2003/gch 1
root@nas03:~# wbinfo -S S-1-5-21-1430701326-2212591448-2995707960-1119
Could not convert sid S-1-5-21-1430701326-2212591448-2995707960-1119 to uid

Here is the configuration:

[global]
workgroup = AD2003
netbios name = nas03
server string = %h server
disable netbios =no
name resolve order =host lmhosts wins bcast
dns proxy = No
wins support = No
min protocol = NT1
syslog = 3
log level = 1
log file = /var/log/samba/log.%m
debug timestamp = yes
# Enable symbolics links -----------------------------------
follow symlinks = yes
wide links = yes
unix extensions = no
usershare allow guests = no
usershare max shares = 100
usershare owner only = true
usershare path=/var/lib/samba/usershares/data
#Guest access
guest account = nobody
map to guest = Bad Password
template homedir = /home/%U
template shell = /bin/false
enable privileges = yes
os level = 40
ldap passwd sync = no
#WINBINDD *******************************************************
security = ADS
realm = AD2003.GUIDTZ.LOCAL
idmap config AD2003:backend = ad
idmap config AD2003:readonly = yes
idmap config AD2003:schema_mode = rfc2307
idmap config AD2003:range = 1000-999999
idmap gid = 16777216-33554431
idmap uid = 16777216-33554431
client use spnego = Yes
encrypt passwords = Yes
client ntlmv2 auth = Yes
client lanman auth = No
winbind normalize names = Yes
winbind separator = /
winbind use default domain = No
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = Yes
winbind nss info = rfc2307
winbind offline logon = true
winbind cache time = 5
winbind refresh tickets = true
kerberos method = system keytab
allow trusted domains = Yes
server signing = mandatory
client signing = mandatory
lm announce = No
ntlm auth = No
lanman auth = No
preferred master = No
printing = bsd
# VISTA/Windows7 compatibility
# ACLs settings
nt acl support=yes
map acl inherit=yes
acl check permissions=yes
inherit permissions=no
inherit acls=no
acl map full control=yes
dos filemode=yes
force unknown acl user = no
# LDAP settings -----------------------------------
ldap delete dn = no
passdb backend = ldapsam:ldap://127.0.0.1:389
#scripts -----------------------------------
add machine script = /usr/share/artica-postfix/bin/artica-install --samba-add-computer "%u"
ldap admin dn = cn=admin,dc=my-domain,dc=com
ldap suffix = dc=my-domain,dc=com
ldap group suffix = dc=organizations
ldap user suffix = dc=organizations
ldap machine suffix = ou=Computer,dc=samba,dc=organizations
ldap delete dn = yes
ldap ssl = off
ldap idmap suffix ou=idmap,dc=samba,dc=organizations,dc=my-domain,dc=com
logon path =""
logon home =""
logon drive = ""
socket options = TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192
case sensitive = No
default case = lower
preserve case = yes
short preserve case = yes
#character set = iso8859-1
#domain admin group = @admin
wins support = Yes
#hosts allow = 192.168.0. 127.
time server = yes
#MDFS parameters
msdfs root = no
host msdfs = no
# Shared Folders lists -----------------------------------
[Partage001]