Rowland penny
2016-Apr-16 20:31 UTC
[Samba] Domain member seems to work, wbinfo -u not (update2)
On 16/04/16 21:09, L.P.H. van Belle wrote:
> New update.
>
> I now have done about 6 machines.
>
> 2 with samba 4.2.10 work fine, 2 not.
>
> 1 with samba 4.3.7 works fine, 1 not.
>
> I saw Jelmer updated the samba to 4.3.8 in sid, so I recompiled these to jessie.
>
> I upgraded the 4.3.7 to 4.3.8

Hi Louis, debian 4.2.10 is the same as Samba 4.2.11 and debian 4.3.7 is the same as 4.3.8. There was a regression and this was fixed with a patch, the debian packages install the patch separately, the later Samba tarballs include the patch. This confused the hell out of me, until it was explained.

> Same result. Wbinfo -g works, -u not. For both servers.
>
> I notice one strange thing here.
>
> I have 2 servers, both samba 4.2.10, all stock debian packages.
>
> My file server and my print server, both installed with the same script.
>
> Only the name changed here in the script. One works ok, one not.
>
> I notice some difference between these 2.
>
> The file server, "wbinfo -u" works, and "getent passwd" works.
>
> The print server, "wbinfo -u" does not work, and "getent passwd" does not work,
>
> but "getent passwd username" works.
>
> Also the output is a bit different.
>
> File server shows : username:*:10002:10000:U. username:/home/users/username:/bin/bash
>
> Print server shows : username:*:10002:10000::/home/users/username:/bin/bash
>
> So anyone an idea where to look from here. But ^^^ must be a clue..
>
> What did I check if settings are the same on both servers.
>
> Samba smb.conf, beside hostnames ip shares used, all same.
>
> Resolv.conf checked.
>
> Nsswitch.conf checked.
>
> Added the TLS parameters, ssl, checked.
>
> Idmap.conf checked. ( needed for the nfs kerberized things )
>
> UID/GID all there where it's needed.
>
> An example of my config.
>
> [global]
> workgroup = NTDOM
> security = ADS
> realm = REALM.DOM
> netbios name = PRINT1
> domain master = no
> host msdfs = no
> dns proxy = yes
>
> kerberos method = secrets and keytab
> dedicated keytab file = /etc/krb5.keytab
> client signing = if_required
>
> ## map id's outside to domain to tdb files.
> idmap config *: backend = tdb
> idmap config *: range = 2000-9999
> ## map ids from the domain and (*) the range may not overlap !
> idmap config NTDOM: backend = ad
> idmap config NTDOM: schema_mode = rfc2307
> idmap config NTDOM: range = 10000-3999999
>
> # Use home directory and shell information from AD
> winbind nss info = rfc2307
>
> winbind trusted domains only = no
> winbind use default domain = yes
> winbind expand groups = 4
> winbind enum users = yes
> winbind enum groups = yes
> # offline login and refresh keytab (tickets)
> winbind refresh tickets = yes
> winbind offline logon = yes
>
> # disable printing completely
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
> #Add and Update TLS Key
> tls enabled = yes
> tls keyfile = /etc/ssl/private/SOMEFILEk.pem
> tls certfile = /etc/ssl/certs/SOMEFILEc.pem
> tls cafile = /etc/ssl/certs/COMPANY-ca.pem
>
> Greetz,
>
> Louis

I am now updating my DC's and I will set up a new domain member (in a VM) using a self compiled 4.4.2, I will report back later.

Rowland
Rowland penny
2016-Apr-17 10:41 UTC
[Samba] Domain member seems to work, wbinfo -u not (update2)
On 16/04/16 21:31, Rowland penny wrote:
> I am now updating my DC's and I will set up a new domain member (in a
> VM) using a self compiled 4.4.2, I will report back later.
>
> Rowland

OK, it is now later :-)

My DCs are now running a self-compiled Samba 4.4.2, I set up a domain member in a VM running 4.4.2, again self compiled. My laptop runs Wheezy and Samba Version 4.2.11-SerNet-Debian-9.wheezy.

Everything works, wbinfo -u, wbinfo -g, wbinfo -r, id and getent, so either I am very lucky or something else is causing the problem.
If it is something else causing the problem, I do not know what it is, but the only real difference between my OS and all the others that are having problems, is that I use Devuan.

Rowland
L.P.H. van Belle
2016-Apr-17 13:51 UTC
[Samba] Domain member seems to work, wbinfo -u not (update3)
Ok some new info.

Yesterday file server worked, print server not.
Today, both don't work.

Same test today, proxy1 and proxy2.
Proxy1 didn't work, proxy2 did ( at that time 4.3.6)

I upgraded (to 4.3.8) proxy2, tested again, still working.
Ok, now this proxy 2 is a vm ( a copy of proxy1 ), so let's try something..

I remove proxy2 from the ad domain (proxy1 is our main proxy) so this one is to test with.
Cleared up /var/(lib/cache)/samba folders
Re-added the server to the domain, started samba and winbind, and..
Same problem here now.

I'm thinking it's something related to the kerberos keytab file.
I checked also the (yesterday) working file server, and I did see that
only the keytab file was refreshed.
Since there were no changes on that server, why did it work yesterday and not today.. so keytab related is my guess.
And I noticed some mounts were not automounting on bootup and these use kerberos also.
Re-creating the keytab file didn't help.

Tomorrow more testing..

Greetz,

Louis

> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Rowland penny
> Sent: Sunday 17 April 2016 12:41
> To: samba at lists.samba.org
> Subject: Re: [Samba] Domain member seems to work, wbinfo -u not (update2)
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
Rowland penny
2016-Apr-17 15:45 UTC
[Samba] Domain member seems to work, wbinfo -u not (update3)
On 17/04/16 14:51, L.P.H. van Belle wrote:
> Ok some new info.
>
> Yesterday file server worked, print server not.
> Today, both don't work.
>
> Same test today, proxy1 and proxy2.
> Proxy1 didn't work, proxy2 did ( at that time 4.3.6)
>
> I upgraded (to 4.3.8) proxy2, tested again, still working.
> Ok, now this proxy 2 is a vm ( a copy of proxy1 ), so let's try something..
>
> I remove proxy2 from the ad domain (proxy1 is our main proxy) so this one is to test with.
> Cleared up /var/(lib/cache)/samba folders
> Re-added the server to the domain, started samba and winbind, and..
> Same problem here now.

This is getting weird.

> I'm thinking it's something related to the kerberos keytab file.
> I checked also the (yesterday) working file server, and I did see that
> only the keytab file was refreshed.
> Since there were no changes on that server, why did it work yesterday and not today.. so keytab related is my guess.
> And I noticed some mounts were not automounting on bootup and these use kerberos also.
> Re-creating the keytab file didn't help.

Have you tried leaving the domain, deleting the keytab and then re-joining the domain ?

If I remember correctly, you use your own certificates, I don't, I wonder if this could be a problem ?

Rowland

> Tomorrow more testing..
>
> Greetz,
>
> Louis
L.P.H. van Belle
2016-Apr-17 16:04 UTC
[Samba] Domain member seems to work, wbinfo -u not (update3)
Hi Rowland,

Yes it's weird, did some more testing and only the printer driver upload didn't work, but everything else on my servers works.
I checked so many logs today, and no errors found.
I'll up the loglevels of a few servers tomorrow.

> Have you tried leaving the domain, deleting the keytab and then
> re-joining the domain ?

Yes, I did, I tested some things also with the kerberos and this works all fine.
So must rule out kerberos again.

> If I remember correctly, you use your own certificates, I don't, I
> wonder if this could be a problem ?

No, I checked that too, that was the first I checked.

And strangely wbinfo --user-info username , works also fine.
Maybe it's a "cosmetic" bug since everything works but like a bug in how the output is done,.. now I'm just a bit guessing..
It's really strange. ..

I'm done for today... I'll make a good log tomorrow for debugging and post it, maybe someone will see something..

Greetz,

Louis
Rowland penny
2016-Apr-18 07:36 UTC
[Samba] Domain member seems to work, wbinfo -u not (update2)
On 18/04/16 08:06, Oktay Akbal wrote:
>>> Rowland
>>>
>> OK, it is now later :-)
>>
>> My DCs are now running a self-compiled Samba 4.4.2, I set up a domain
>> member in a VM running 4.4.2, again self compiled. My laptop runs Wheezy
>> and Samba Version 4.2.11-SerNet-Debian-9.wheezy.
>>
>> Everything works, wbinfo -u, wbinfo -g, wbinfo -r, id and getent, so
>> either I am very lucky or something else is causing the problem.
>> If it is something else causing the problem,
> Well the difference to me is that you use a samba dc and not a real windows dc.
>
> Oktay

Well possibly, but as far as I know, Louis doesn't and he is also having the 'wbinfo -u' problem.

Rowland
RITTER, Philippe
2016-Apr-18 09:38 UTC
[Samba] Domain member seems to work, wbinfo -u not (update2)
Hello

I'm joining your discussion, because I'm now facing probably the same problem as you.

Using Debian jessie, migrating just 1 day ago to samba 4.2.10-Debian, I'm now unable to get wbinfo -u from my Windows DC 2008R2

The error I'm getting is :

[2016/04/18 11:23:23.578815, 1] ../auth/gensec/spnego.c:664(gensec_spnego_create_negTokenInit)
  Failed to setup SPNEGO negTokenInit request: NT_STATUS_INTERNAL_ERROR

What is strange, is that I can get wbinfo -g

Thank you and regards
Philippe

[global]
    workgroup = CDM
    netbios name = mumm
    security = ADS
    realm = CDM.SMIS.CH
    socket options = TCP_NODELAY
    server string = Mumm Samba Server
    map to guest = Bad Uid
    map archive = no
    log file = /var/log/samba/%m.log
    log level = 1
    max log size = 10000
    local master = No
    read only = No
    preferred master = no
    short preserve case = No
    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab
    #kerberos method = secrets
    client ldap sasl wrapping = plain
    idmap config * : backend = tdb
    idmap config * : range = 100000-299999
    idmap config CDM : backend = rid
    idmap config CDM : range = 10000-99999
    winbind trusted domains only = no
    winbind use default domain = yes
    winbind enum users = yes
    winbind enum groups = yes
    winbind refresh tickets = yes
    winbind offline logon = no
    template shell = /bin/bash
    template homedir = /home/%U
RITTER, Philippe
2016-Apr-18 14:14 UTC
[Samba] Domain member seems to work, wbinfo -u not (update2)
Ok, I have resolved my problem with this error by recreating my Kerberos keytab file :

net ads keytab create -k

Hope this could help some other people.

Regards
Philippe RITTER
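Both smb.conf files posted in this thread set per-domain idmap ranges, and Louis's carries the comment that the ranges may not overlap. The following is an added example, not code from any poster or from the Samba project: it parses the "idmap config" lines and reports overlapping ranges; the sample configs are constructed from the lines posted above, and the function names are hypothetical. It covers one item of the checklist in the thread and is not a diagnosis of the wbinfo -u failure.

```python
import re
from itertools import combinations

# Constructed samples: the idmap lines from the two smb.conf files in this thread.
LOUIS_CONF = """\
[global]
    workgroup = NTDOM
    idmap config *: backend = tdb
    idmap config *: range = 2000-9999
    idmap config NTDOM: backend = ad
    idmap config NTDOM: schema_mode = rfc2307
    idmap config NTDOM: range = 10000-3999999
"""
PHILIPPE_CONF = """\
[global]
    workgroup = CDM
    idmap config * : backend = tdb
    idmap config * : range = 100000-299999
    idmap config CDM : backend = rid
    idmap config CDM : range = 10000-99999
"""
# Constructed bad variant: default range widened so it collides with NTDOM.
OVERLAPPING_CONF = LOUIS_CONF.replace("2000-9999", "2000-19999")

# Matched against a parameter name with case and whitespace already removed.
IDMAP_RE = re.compile(r"^idmapconfig(.+?):(\w+)$")


def parse_idmap(conf_text):
    """Return {DOMAIN: {option: value}} for each 'idmap config DOMAIN : option' line."""
    domains = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;[" or "=" not in line:
            continue  # blank line, comment, section header, or not a parameter
        name, value = line.split("=", 1)
        # smb.conf ignores case and whitespace inside parameter names, so
        # "idmap config *: range" and "idmap config * : range" are the same key.
        match = IDMAP_RE.match(re.sub(r"\s+", "", name).lower())
        if match:
            domain, option = match.group(1).upper(), match.group(2)
            domains.setdefault(domain, {})[option] = value.strip()
    return domains


def idmap_ranges(conf_text):
    """Return {DOMAIN: (low, high)}; raise ValueError on a missing or bad range."""
    ranges = {}
    for domain, opts in parse_idmap(conf_text).items():
        match = re.fullmatch(r"(\d+)\s*-\s*(\d+)", opts.get("range", ""))
        if not match:
            raise ValueError(f"idmap config {domain}: missing or malformed range")
        low, high = int(match.group(1)), int(match.group(2))
        if low > high:
            raise ValueError(f"idmap config {domain}: range {low}-{high} is reversed")
        ranges[domain] = (low, high)
    return ranges


def overlapping(conf_text):
    """Return the sorted list of domain pairs whose ID ranges intersect."""
    r = idmap_ranges(conf_text)
    return sorted((a, b) for a, b in combinations(sorted(r), 2)
                  if r[a][0] <= r[b][1] and r[b][0] <= r[a][1])


if __name__ == "__main__":
    for label, conf in (("Louis", LOUIS_CONF), ("Philippe", PHILIPPE_CONF),
                        ("constructed overlap", OVERLAPPING_CONF)):
        print(label, idmap_ranges(conf), "overlaps:", overlapping(conf))
```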