Hi Tobias
To be honest I don't really know that mutch about the Windows AD, I'm
not an Windows guy, when I talked with the Windows AD Administrator he
told my that it was an RFC2307 schema and not an old SFU, but I have
just now logged on to the AD server and it doesn't seams like any
schemas is loaded at all.
My winbind debugging:
http://pastebin.com/WjDRvp8q
Winbind debugging while getent passwd USER:
http://pastebin.com/0B24yePY
I don't know way there is a lot of UVROOT.LOCAL, my server is only
joined to UNDERVISNING.LOCAL, but the windows AD server do know UVROOT also.
--
Med Venlig Hilsen / Best Regards
Henrik Dige Semark
Den 18-07-2010 08:58, Mucke, Tobias, FCI4 skrev:
Hi Henrik,
I am also fighting with Winbind for a few days now experiencing some weird
behaviour.
Regarding your explanation I assume you have SFU running in your AD Domain. Do
you really have a RFC2307 complaint schema in AD or do you still stick to SFU
schema?
For debugging the winbind it was helpful to me to start it in a shell as a
foreground process with debugging on, e. g.
/usr/sbin/winbindd -SFi -d3
Now you should be able to see the different Winbind behaviour regarding the
login and getent.
Good luck.
Tobias Mucke
LFK-Lenkflugkörpersysteme GmbH
Serverpool, FCI4
Landshuter Straße 26, 85716 Unterschleißheim, GERMANY
Phone: +49 89 3179 8438
Fax: +49 89 3179 8927
Mobile: +49 170 635 3830
E-Mail: [email protected]
http://www.mbda.net
Chairman of the Supervisory Board: Antoine Bouvier
Managing Director: Werner Kaltenegger
Registered Office: Schrobenhausen
Commercial Register: Amtsgericht Ingolstadt, HRB 4365
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Henrik Dige Semark
Sent: Sunday, July 18, 2010 1:35 AM
To: [email protected]
Subject: [Samba] Samba + Winbind + Windows 2003 AD
Hey out there.
I have to join my UNIX server with an existing Win2k3 AD network.
My system info:
Debian Lenny
Samba - 3.4.8
Winbind - 3.4.8
Windows Server 2003 with 2000-style-AD
My problem is that, I have en UNIX server that have to run auth up against our
existing windows 2003 AD.
I have successfully joined my UNIX server to the AD, without problems.
# net ads join -U Administrator
Enter Administrator's password:
Using short domain name -- TEST
Joined 'MAIL' to realm 'TEST.LOCAL'
My Samba config: http://pastebin.com/ZqaA0Ypn
After the join I'm able to lookup peoples with # wbinfo -u [...] XX hds XXX
[...]
# wbinfo -g
[...]
bg XX
bg hds
bg XXX
[...]
Now the problem, getent only returns the local users and not the users from the
AD The funny thing is that if a user is local on the UNIX and in the AD, I can
login with the password from both local and AD, so I know that it can lookup
people and passwords
# getent passwd hs ; echo $?
2
When I debug on getent it returns 2, witch means that it can't find the user.
I know there can be a problem with this if the resolv-names is not working
# ping addc.UNDERVISNING.LOCAL
PING addc.birke-gym.dk (10.3.17.1) 56(84) bytes of data.
64 bytes from bgdc.birke-gym.dk (10.3.17.1): icmp_seq=1 ttl=128
time=0.211 ms
64 bytes from bgdc.birke-gym.dk (10.3.17.1): icmp_seq=2 ttl=128
time=0.207 ms
# ping mail.UNDERVISNING.LOCAL
PING mail.birke-gym.dk (127.0.1.1) 56(84) bytes of data.
64 bytes from mail.birke-gym.dk (127.0.1.1): icmp_seq=1 ttl=64 time=0.099 ms
64 bytes from mail.birke-gym.dk (127.0.1.1): icmp_seq=2 ttl=64 time=0.094 ms
Is there anyone that can see where I have done something rung in my
samba-config.?
--
Med Venlig Hilsen / Best Regards
Henrik Dige Semark
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
