I have a small work group with a Domain Controller and 2 Member Servers.
I am upgrading everything to the Ubuntu 10.04 LTS and then to LDAP
The Domain Controller - HAMLET
Ubuntu 8.04 LTS
Samba Version 3.0.28a
Member Server -REMUS
Ubuntu 10.04 LTS
Samba Version 3.4.7
Member Server -ROMULUS
Ubuntu 10.04 LTS
Samba Version 3.4.7
The member servers are identical hardware and the operating system
configuration is very similar.
The [Globals] in the smb.conf files on the Member Servers are identical
as far as I can tell.
[global] ROMULUS
workgroup = ORLEANS
server string = %h server (Samba, Ubuntu, Files)
security = DOMAIN
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
local master = No
domain master = No
dns proxy = No
ldap ssl = no
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
invalid users = root
admin users = root, administrator
hosts allow = 192.168.1.0/255.255.255.0
[global] REMUS
workgroup = ORLEANS
server string = %h server (Samba, Ubuntu, Authentication,
Groupware)
security = DOMAIN
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
ldap ssl = no
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
invalid users = root
admin users = root, administrator
hosts allow = 192.168.1.0/255.255.255.0
User mapping works as expected, all utilities return the same information.
However group mapping does not seem to work the same on both machines.
# net groupmap list returns an empty list on REMUS
On ROMULUS
# net groupmap list
Administrators (S-1-5-32-544) -> BUILTIN\administrators
Users (S-1-5-32-545) -> BUILTIN\users
#
Similarly wbinfo -g returns different results
romulus# wbinfo -g
BUILTIN\administrators
BUILTIN\users
domain users
domain admins
domain guests
romulus#
remus# wbinfo -g
domain users
domain admins
domain guests
remus#
# net rpc group -S HAMLET -U administrator
Enter administrator's password:
Domain Users
Domain Admins
Domain Guests
#
Returns the same information on both member servers.
I have checked /etc/nsswitch.conf and both appear the same
--
Rob Steinmetz
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
