I sure hate to put anyone out a bunch of trouble if I've borked something
up, but for the life of me, I can't see anything I've got wrong.
?
---
Can I recap a few things, to make sure I understand things correctly.
?
-If KBR was setup wrong or otherwise screwed up, we wouldn't be able to join
the domain, right?
-Same thing for NTP, right?
?
And there's no way to see if/how the nsslib-winbind is talking to winbind
itself, right. (I assume the lib talks to winbind and pulls the data. So, if the
library is having difficulties, seeing what's going on inside the black box,
would be handy.)
?
Thanks for the help so far.
?
(BTW, when I started down this road, I was on Louis's 4.15.3, and then when
checking and double-checking things (when getent wasn't working), I upgraded
to 4.15.5, in case it matters.)
?
?
-Greg
???
> On Fri, 2022-02-25 at 13:34 -0800, Gregory Sloop wrote:
>>> On Fri, 2022-02-25 at 11:28 -0800, Gregory Sloop via samba wrote:
>>>>> On Fri, 2022-02-25 at 08:20 -0800, Gregory Sloop wrote:
>>>>>> Oh, I see Louis also has those in the repo. Since
I'm using
>>>>>> his
>>>>>> Samba, might as well use his libnss too.
>>>>> You have to use them from the same repo (or to be precise,
the
>>>>> same
>>>>> version).
>>>>>> ?
>>>>>> Now to check and see if I did fail to install the
library.
>>>>>> (But
>>>>>> if I
>>>>>> were a betting man, that's what I'd bet on.) ?
>>>>> If they are not there, or are the wrong version, getent
will
>>>>> not
>>>>> work.
>>>>> Rowland
>>>> ?
>>>> So, here are the packages I installed as part of the Samba
>>>> install
>>>> apt install samba winbind libnss-winbind libpam-winbind ntp
krb5-
>>>> user?
>>>> binutils ldb-tools smbclient libpam-krb5?
>>>> ?
>>>> Am I missing anything that would impact this issue?
>>> No.
>>> You installed the packages.
>>> Configured ntp to use the DC's as time servers (time is within
5
>>> minutes of the DC)
>> ?
>> I had them going to the same ntp servers (ntp pool) as the DC's.
But
>> just to be sure, I've moved them to use the DC's.?
>> (That's probably better, though both should work ok - since
they'll
>> all be synced to the same time, or close enough.)
>> ?
>>> Checked /etc/krb5.conf to see that it is using the dns domain as
>>> the
>>> realm (in uppercase)
>> Yup.
>> ?
>>> Configured /etc/samba/smb.conf
>> Yup, I posted it.
>>> Joined the domain (what does 'sudo net ads testjoin' show
?).
>> Join OK
>> ?
>>> wbinfo works, but getent doesn't
>> Yup
>> ?
>>> Is all that correct ?
>> Pretty much.
>> ?
>>> Rowland
> Then I am lost here.
> I will setup Ubuntu 20.04 in a VM (this will have to be tomorrow) and
> see what happens.
> Rowland
--?
Gregory Sloop, Principal: Sloop Network & Computer Consulting
Voice: 503.251.0452 x121
EMail:?gregs at sloop.net
http://www.sloop.net
---