Rowland,
I set a user with a uid and domain users group with a gid but I'm
still unable to view them using 'id'. I do notice a few strange
observations. If I go to another user to attempt to assign a uid. I get
the default value of 10000. I would expect 2001 given I set the first
user with uid 2000. Groups however appear to increment.
On 12/31/2014 10:52 AM, Rowland Penny wrote:> On 31/12/14 15:42, James wrote:
>> Hello Stefan,
>>
>> I learned the hard way about .local. I understand going forward.
>>
>> I do have an issue with the member server. Following along with the
>> wiki I get stuck at 'Testing the Winbind user/group mapping'.
Wbinfo
>> works as expected but not
>>
>> #*id DomainUser*
>>
>> #*getent passwd*
>>
>> #*getent group*
>>
>> #*chown DomainUser:DomainGroup file*
>>
>> #*chgrp DomainGroup file*
>>
>> etc.
>>
>> I receive 'id: sambauser: No such user'. It will only retrieve
local
>> machine users. Let me preface by saying this is a Ubuntu 12.04 server
>> with Samba 4.1.14. Thanks.
>>
>> On 12/31/2014 10:00 AM, Stefan Kania wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Hello James,
>>>
>>> Am 31.12.2014 um 15:48 schrieb James:> Hello,
>>>> I'm following along with the wiki(Setup a Samba AD Member
Server)
>>>> and I have a question after reading the 'Set up a basic
smb.conf'
>>>> section.
>>> Please show us your smb.conf
>>>
>>> Do I need to extend the schema in order for my member server to
>>>> successfully join and service file shares?
>>> No, you dont have to.
>>>
>>> Do I need to configure a
>>>> krb5.conf file? Thanks.
>>> If your DC is a samba4 DC just copy krb5.conf to your new
memberserver
>>> Stefan
>>>
>>> - -- Stefan Kania
>>> Landweg 13
>>> 25693 St. Michaelisdonn
>>>
>>>
>>> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre
>>> E-Mail. Weiter Informationen unter http://www.gnupg.org
>>>
>>> Mein Schl?ssel liegt auf
>>>
>>> hkp://subkeys.pgp.net
>>>
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1
>>>
>>> iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7
>>> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN
>>> =SOSt
>>> -----END PGP SIGNATURE-----
>>
>
> If you followed the wiki, you will be using the 'ad' backend. For
this
> to work, you need to add 'uidNumber' attributes to your users and a
> 'gidNumber' attribute to at least the Domain Users group. the
numbers
> that you add must be between the range you set in your smb.conf, again
> if you followed the wiki, this will be between 500-40000.
>
> Rowland
--
-James
On 31/12/14 17:23, James wrote:> Rowland, > > I set a user with a uid and domain users group with a gid but I'm > still unable to view them using 'id'. I do notice a few strange > observations. If I go to another user to attempt to assign a uid. I > get the default value of 10000. I would expect 2001 given I set the > first user with uid 2000. Groups however appear to increment. > > On 12/31/2014 10:52 AM, Rowland Penny wrote: >> On 31/12/14 15:42, James wrote: >>> Hello Stefan, >>> >>> I learned the hard way about .local. I understand going forward. >>> >>> I do have an issue with the member server. Following along with the >>> wiki I get stuck at 'Testing the Winbind user/group mapping'. Wbinfo >>> works as expected but not >>> >>> #*id DomainUser* >>> >>> #*getent passwd* >>> >>> #*getent group* >>> >>> #*chown DomainUser:DomainGroup file* >>> >>> #*chgrp DomainGroup file* >>> >>> etc. >>> >>> I receive 'id: sambauser: No such user'. It will only retrieve local >>> machine users. Let me preface by saying this is a Ubuntu 12.04 >>> server with Samba 4.1.14. Thanks. >>> >>> On 12/31/2014 10:00 AM, Stefan Kania wrote: >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Hello James, >>>> >>>> Am 31.12.2014 um 15:48 schrieb James:> Hello, >>>>> I'm following along with the wiki(Setup a Samba AD Member Server) >>>>> and I have a question after reading the 'Set up a basic smb.conf' >>>>> section. >>>> Please show us your smb.conf >>>> >>>> Do I need to extend the schema in order for my member server to >>>>> successfully join and service file shares? >>>> No, you dont have to. >>>> >>>> Do I need to configure a >>>>> krb5.conf file? Thanks. >>>> If your DC is a samba4 DC just copy krb5.conf to your new memberserver >>>> Stefan >>>> >>>> - -- Stefan Kania >>>> Landweg 13 >>>> 25693 St. Michaelisdonn >>>> >>>> >>>> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre >>>> E-Mail. Weiter Informationen unter http://www.gnupg.org >>>> >>>> Mein Schl?ssel liegt auf >>>> >>>> hkp://subkeys.pgp.net >>>> >>>> -----BEGIN PGP SIGNATURE----- >>>> Version: GnuPG v1 >>>> >>>> iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7 >>>> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN >>>> =SOSt >>>> -----END PGP SIGNATURE----- >>> >> >> If you followed the wiki, you will be using the 'ad' backend. For >> this to work, you need to add 'uidNumber' attributes to your users >> and a 'gidNumber' attribute to at least the Domain Users group. the >> numbers that you add must be between the range you set in your >> smb.conf, again if you followed the wiki, this will be between >> 500-40000. >> >> Rowland >You have restarted samba, haven't you ? You may have to wait a short time, or clear the cache with 'net cache flush' Rowland
On 12/31/2014 11:26 AM, Rowland Penny wrote:> On 31/12/14 17:23, James wrote: >> Rowland, >> >> I set a user with a uid and domain users group with a gid but I'm >> still unable to view them using 'id'. I do notice a few strange >> observations. If I go to another user to attempt to assign a uid. I >> get the default value of 10000. I would expect 2001 given I set the >> first user with uid 2000. Groups however appear to increment. >> >> On 12/31/2014 10:52 AM, Rowland Penny wrote: >>> On 31/12/14 15:42, James wrote: >>>> Hello Stefan, >>>> >>>> I learned the hard way about .local. I understand going forward. >>>> >>>> I do have an issue with the member server. Following along with the >>>> wiki I get stuck at 'Testing the Winbind user/group mapping'. >>>> Wbinfo works as expected but not >>>> >>>> #*id DomainUser* >>>> >>>> #*getent passwd* >>>> >>>> #*getent group* >>>> >>>> #*chown DomainUser:DomainGroup file* >>>> >>>> #*chgrp DomainGroup file* >>>> >>>> etc. >>>> >>>> I receive 'id: sambauser: No such user'. It will only retrieve >>>> local machine users. Let me preface by saying this is a Ubuntu >>>> 12.04 server with Samba 4.1.14. Thanks. >>>> >>>> On 12/31/2014 10:00 AM, Stefan Kania wrote: >>>>> -----BEGIN PGP SIGNED MESSAGE----- >>>>> Hash: SHA1 >>>>> >>>>> Hello James, >>>>> >>>>> Am 31.12.2014 um 15:48 schrieb James:> Hello, >>>>>> I'm following along with the wiki(Setup a Samba AD Member Server) >>>>>> and I have a question after reading the 'Set up a basic smb.conf' >>>>>> section. >>>>> Please show us your smb.conf >>>>> >>>>> Do I need to extend the schema in order for my member server to >>>>>> successfully join and service file shares? >>>>> No, you dont have to. >>>>> >>>>> Do I need to configure a >>>>>> krb5.conf file? Thanks. >>>>> If your DC is a samba4 DC just copy krb5.conf to your new >>>>> memberserver >>>>> Stefan >>>>> >>>>> - -- Stefan Kania >>>>> Landweg 13 >>>>> 25693 St. Michaelisdonn >>>>> >>>>> >>>>> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre >>>>> E-Mail. Weiter Informationen unter http://www.gnupg.org >>>>> >>>>> Mein Schl?ssel liegt auf >>>>> >>>>> hkp://subkeys.pgp.net >>>>> >>>>> -----BEGIN PGP SIGNATURE----- >>>>> Version: GnuPG v1 >>>>> >>>>> iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7 >>>>> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN >>>>> =SOSt >>>>> -----END PGP SIGNATURE----- >>>> >>> >>> If you followed the wiki, you will be using the 'ad' backend. For >>> this to work, you need to add 'uidNumber' attributes to your users >>> and a 'gidNumber' attribute to at least the Domain Users group. the >>> numbers that you add must be between the range you set in your >>> smb.conf, again if you followed the wiki, this will be between >>> 500-40000. >>> >>> Rowland >> > > You have restarted samba, haven't you ? > You may have to wait a short time, or clear the cache with 'net cache > flush' > > Rowland >Also make sure you have disabled/stopped nscd. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin
Hi Rowland,
I did. Unfortunately something is still amiss. I do receive a
response from 'getent group domain users'(users:x:100).
On 12/31/2014 12:26 PM, Rowland Penny wrote:> On 31/12/14 17:23, James wrote:
>> Rowland,
>>
>> I set a user with a uid and domain users group with a gid but
I'm
>> still unable to view them using 'id'. I do notice a few strange
>> observations. If I go to another user to attempt to assign a uid. I
>> get the default value of 10000. I would expect 2001 given I set the
>> first user with uid 2000. Groups however appear to increment.
>>
>> On 12/31/2014 10:52 AM, Rowland Penny wrote:
>>> On 31/12/14 15:42, James wrote:
>>>> Hello Stefan,
>>>>
>>>> I learned the hard way about .local. I understand going
forward.
>>>>
>>>> I do have an issue with the member server. Following along with
the
>>>> wiki I get stuck at 'Testing the Winbind user/group
mapping'.
>>>> Wbinfo works as expected but not
>>>>
>>>> #*id DomainUser*
>>>>
>>>> #*getent passwd*
>>>>
>>>> #*getent group*
>>>>
>>>> #*chown DomainUser:DomainGroup file*
>>>>
>>>> #*chgrp DomainGroup file*
>>>>
>>>> etc.
>>>>
>>>> I receive 'id: sambauser: No such user'. It will only
retrieve
>>>> local machine users. Let me preface by saying this is a Ubuntu
>>>> 12.04 server with Samba 4.1.14. Thanks.
>>>>
>>>> On 12/31/2014 10:00 AM, Stefan Kania wrote:
>>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>>> Hash: SHA1
>>>>>
>>>>> Hello James,
>>>>>
>>>>> Am 31.12.2014 um 15:48 schrieb James:> Hello,
>>>>>> I'm following along with the wiki(Setup a Samba AD
Member Server)
>>>>>> and I have a question after reading the 'Set up a
basic smb.conf'
>>>>>> section.
>>>>> Please show us your smb.conf
>>>>>
>>>>> Do I need to extend the schema in order for my member
server to
>>>>>> successfully join and service file shares?
>>>>> No, you dont have to.
>>>>>
>>>>> Do I need to configure a
>>>>>> krb5.conf file? Thanks.
>>>>> If your DC is a samba4 DC just copy krb5.conf to your new
>>>>> memberserver
>>>>> Stefan
>>>>>
>>>>> - -- Stefan Kania
>>>>> Landweg 13
>>>>> 25693 St. Michaelisdonn
>>>>>
>>>>>
>>>>> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren
Sie ihre
>>>>> E-Mail. Weiter Informationen unter http://www.gnupg.org
>>>>>
>>>>> Mein Schl?ssel liegt auf
>>>>>
>>>>> hkp://subkeys.pgp.net
>>>>>
>>>>> -----BEGIN PGP SIGNATURE-----
>>>>> Version: GnuPG v1
>>>>>
>>>>>
iEYEARECAAYFAlSkD3EACgkQ2JOGcNAHDTZdlwCgwsQF0g/pFp65ldcTMWDcJ1O7
>>>>> LScAoLDzorUJNDCik4FP9dBUxKCbAbGN
>>>>> =SOSt
>>>>> -----END PGP SIGNATURE-----
>>>>
>>>
>>> If you followed the wiki, you will be using the 'ad'
backend. For
>>> this to work, you need to add 'uidNumber' attributes to
your users
>>> and a 'gidNumber' attribute to at least the Domain Users
group. the
>>> numbers that you add must be between the range you set in your
>>> smb.conf, again if you followed the wiki, this will be between
>>> 500-40000.
>>>
>>> Rowland
>>
>
> You have restarted samba, haven't you ?
> You may have to wait a short time, or clear the cache with 'net cache
> flush'
>
> Rowland
>
--
-James