L.P.H. van Belle
2014-Apr-04 11:48 UTC
[Samba] winbind wiki ( and extra sernet info conserning winbind )
Hai, ? The wiki http://wiki.samba.org/index.php/Samba/Domain_Member ? is missing something like this tekst.? when you follow the wiki, from this point ? wbinfo -p Ping to winbindd succeeded wbinfo -u administrator dns-rtd-dc2 dns-rtd-dc1 krbtgt guest getent passwd output = only linux users ? you need to set nis (rfc2307) (uid/gid) on the users and groups in the AD, then when done, this works : getent passwd?DOMAIN\\Administrator ? Or if you preffer without the domain?: getent passwd Administrator ? same as ? id Administrator?? ? without the rfc2307 uid/gid assignment this does not work. ? and without it you wont be able to for example login with ssh if you did set the pam configurations. ? ------- Extra sernet info?-------------- ? If you use sernet-samba packages. sernet-samba-libs package provides :? libpam-winbind and libnss-winbind? so dont try to install these with sernet : libpam-winbind and libnss-winbind? these are included already. But because of this the command : pam-auth-update wont works you need to adapt the pam files by hand. ( I ask sernet to change this and be more compatible with the debian commands, if they change it thats up to sernet?) Debian wheezy-backports DO need these packages: libpam-winbind and libnss-winbind? and here pam-auth-update? works. Best regards, ? Louis
Marc Muehlfeld
2014-Apr-07 16:52 UTC
[Samba] winbind wiki ( and extra sernet info conserning winbind )
Hello Louis Am 04.04.2014 13:48, schrieb L.P.H. van Belle:> The wiki > http://wiki.samba.org/index.php/Samba/Domain_Member > > is missing something like this tekst. > when you follow the wiki, from this point>> getent passwd > output = only linux users > > you need to set nis (rfc2307) (uid/gid) on the users and groups in the AD, then when done, this works : > getent passwd DOMAIN\\AdministratorIt's already in there: https://wiki.samba.org/index.php/Samba/Domain_Member#Setting_up_a_basic_smb.conf > ...The ID mapping for domain users/groups is done via schema mode > rfc2307. Users/groups having a uidNumber/gidNumber set in AD, are > available on your member server with the same IDs as in your AD.... Regards, Marc