I'm trying to get my CentOS 5.6 machine setup as a Active Directory Domain Member with Windows 2008 level domain and samba 3.5. I haven't tried this before. I can successfully join the domain and return users using 'wbinfo -u' and groups with 'wbinfo -g' but when I try 'getent passwd' I only get the local users. I'm not sure what element that indicates is failing in the process. I'm not confident in my pam.d/ setup since different guides show different methods of setting this up. The /etc/nsswitch.conf file has been edited to include winbind as a source for passwd/shadow/group. The only insightful error message I see in the samba logs is this (repeated over and over in all the logs) but I haven't found the solution. Is this the cause of my problems? How do I disable spinlocks? I'm using a prebuilt package from sernet [2011/11/01 16:46:19.979981, 1] lib/util_tdb.c:385(tdb_log) tdb(unnamed): tdb_open_ex: spinlocks no longer supported Here is my samba configuration dumped from smbtest: [root at sambatest ~]# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section "[test]" Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = SHAMOFFICE realm = SHAMBHALA-OFFICE.LOCAL interfaces = 127.0.0.1, eth0 bind interfaces only = Yes security = ADS printcap name = cups idmap backend = ad idmap uid = 10000-20000 idmap gid = 30000-40000 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes idmap config SHAMOFFICE : schema_mode = rfc2307 idmap config SHAMOFFICE : range = 4000-5000 idmap config SHAMOFFICE : backend = ad idmap config * : range = 2000-3000 idmap config * : backend = tdb [test] comment = Directory for storing pictures by jims users path = /local/test read only = No guest ok = Yes
Shot in the dark.. is nscd running? I have been bitten by that a few times. On 11/1/2011 5:04 PM, James Chase wrote:> I'm trying to get my CentOS 5.6 machine setup as a Active Directory > Domain Member with Windows 2008 level domain and samba 3.5. I haven't > tried this before. > > I can successfully join the domain and return users using 'wbinfo -u' > and groups with 'wbinfo -g' but when I try 'getent passwd' I only get > the local users. I'm not sure what element that indicates is failing > in the process. I'm not confident in my pam.d/ setup since different > guides show different methods of setting this up. The > /etc/nsswitch.conf file has been edited to include winbind as a source > for passwd/shadow/group. > > The only insightful error message I see in the samba logs is this > (repeated over and over in all the logs) but I haven't found the > solution. Is this the cause of my problems? How do I disable > spinlocks? I'm using a prebuilt package from sernet > > [2011/11/01 16:46:19.979981, 1] lib/util_tdb.c:385(tdb_log) > tdb(unnamed): tdb_open_ex: spinlocks no longer supported > > Here is my samba configuration dumped from smbtest: > > [root at sambatest ~]# testparm > Load smb config files from /etc/samba/smb.conf > rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) > Processing section "[test]" > Loaded services file OK. > Server role: ROLE_DOMAIN_MEMBER > Press enter to see a dump of your service definitions > > [global] > workgroup = SHAMOFFICE > realm = SHAMBHALA-OFFICE.LOCAL > interfaces = 127.0.0.1, eth0 > bind interfaces only = Yes > security = ADS > printcap name = cups > idmap backend = ad > idmap uid = 10000-20000 > idmap gid = 30000-40000 > winbind enum users = Yes > winbind enum groups = Yes > winbind use default domain = Yes > idmap config SHAMOFFICE : schema_mode = rfc2307 > idmap config SHAMOFFICE : range = 4000-5000 > idmap config SHAMOFFICE : backend = ad > idmap config * : range = 2000-3000 > idmap config * : backend = tdb > > [test] > comment = Directory for storing pictures by jims users > path = /local/test > read only = No > guest ok = Yes > > > > >
I tried a second install of CentOS with X, thinking perhaps the GUI setup might do something that I was missing in terms of getting samba connected to active directory. However I still can't get this to work (now wbinfo doesn't seem to work either) in CentOS. I also tried Fedora 14. Then I tried a Ubuntu 11 install and followed their instructions from the wiki: https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto And it worked! I tried to apply the same settings to CentOS setup but I still get no output from 'getent passwd'. Ubuntu is running version 3.5.11 while CentoS is 3.5.4. Think my best bet is building from source and trying 3.5.11 or 3.5.12 on CentOS? Are there any critical flags that need to be set during the configuration to make sure samba will work with active directory/winbind? James> I'm trying to get my CentOS 5.6 machine setup as a Active Directory > Domain Member with Windows 2008 level domain and samba 3.5. I haven't > tried this before. > > I can successfully join the domain and return users using 'wbinfo -u' > and groups with 'wbinfo -g' but when I try 'getent passwd' I only get > the local users. I'm not sure what element that indicates is failing > in the process. I'm not confident in my pam.d/ setup since different > guides show different methods of setting this up. The > /etc/nsswitch.conf file has been edited to include winbind as a source > for passwd/shadow/group. > > The only insightful error message I see in the samba logs is this > (repeated over and over in all the logs) but I haven't found the > solution. Is this the cause of my problems? How do I disable > spinlocks? I'm using a prebuilt package from sernet > > [2011/11/01 16:46:19.979981, 1] lib/util_tdb.c:385(tdb_log) > tdb(unnamed): tdb_open_ex: spinlocks no longer supported > > Here is my samba configuration dumped from smbtest: > > [root at sambatest ~]# testparm > Load smb config files from /etc/samba/smb.conf > rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) > Processing section "[test]" > Loaded services file OK. > Server role: ROLE_DOMAIN_MEMBER > Press enter to see a dump of your service definitions > > [global] > workgroup = SHAMOFFICE > realm = SHAMBHALA-OFFICE.LOCAL > interfaces = 127.0.0.1, eth0 > bind interfaces only = Yes > security = ADS > printcap name = cups > idmap backend = ad > idmap uid = 10000-20000 > idmap gid = 30000-40000 > winbind enum users = Yes > winbind enum groups = Yes > winbind use default domain = Yes > idmap config SHAMOFFICE : schema_mode = rfc2307 > idmap config SHAMOFFICE : range = 4000-5000 > idmap config SHAMOFFICE : backend = ad > idmap config * : range = 2000-3000 > idmap config * : backend = tdb > > [test] > comment = Directory for storing pictures by jims users > path = /local/test > read only = No > guest ok = Yes > > > >