Michael Ray
2013-Jan-25 22:21 UTC
[Samba] Samba3 File Server + Winbind -- AD Authentication Flaky/Inconsistent/Unreliable
Hey all, So, there are about a billion guides on the interwebs about how to have a samba3 file share authenticate against a samba4 AD. However, I am having two giant problems: one problem is that my problems are not consistent and the second problem is that it isn't working (presently). Long, sad story in a nut shell: my co-worker and I had spent several hours Monday/Tuesday futzing with this to work and at one point had it working. wbinfo -u, wbinfo -g, getent passwd and getent group were all returning local and AD users/groups. The world was wonderful. A snapshot of that working VM was taken the following morning (the **only** thing that happened to that VM between it working and the snapshot being taken was it was shutdown). When I fired it up today though, it did not work. wbinfo still gave AD info, but getent just would not have it. I restored to the snapshot just to be sure nothing had happened and the same issue persisted. I checked the various logs and I did not see any errors of any kind. This is a link to pastebin that shows my configuration files for krb5, nsswitch and smb as they were saved the morning after I got this working. I do not know what could have gone wrong, but it has. I will be trying to go through my documented procedure on Monday with a clean VM and then trying it with various random internet procedures if that fails. Any ideas / clues as to what blew up would be appreciated, as well as links to guides that people have used successfully. Thanks much, Mike Ray
Nico Kadel-Garcia
2013-Jan-26 02:24 UTC
[Samba] Samba3 File Server + Winbind -- AD Authentication Flaky/Inconsistent/Unreliable
On Fri, Jan 25, 2013 at 5:21 PM, Michael Ray <mray at xes-inc.com> wrote:> Hey all,> This is a link to pastebin that shows my configuration files for krb5, nsswitch and smb as they were saved the morning after I got this working. > > I do not know what could have gone wrong, but it has. I will be trying to go through my documented procedure on Monday with a clean VM and then trying it with various random internet procedures if that fails. > > Any ideas / clues as to what blew up would be appreciated, as well as links to guides that people have used successfully.You've not mentioned the OS you're running for the server, the particular release of Samba 3 and Samba 4 you're working with, nor precisely what you see in the logs. Please post those to get a better idea if it might be a known, and already fixed problem.