Hi John, Thanks for your reply.
This is the result :- #wbinfo -u Connected to LDAP server EIS.squid.biz ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2 ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2 ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3 ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10 ads_sasl_spnego_bind: got server principal name = [email protected] ads_cleanup_expired_creds: Ticket in ccache[MEMORY:winbind_ccache] expiration Sun, 14 Nov 2010 22:22:14 IST ads_cleanup_expired_creds: Ticket in ccache[MEMORY:winbind_ccache] expiration Sun, 14 Nov 2010 22:22:26 IST kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials ads_connect for domain SQUID failed: Invalid credentials final write to client failed: Broken pipe #wbinfo -g Connected to LDAP server EIS.squid.biz ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2 ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2 ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3 ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10 ads_sasl_spnego_bind: got server principal name = [email protected] ads_cleanup_expired_creds: Ticket in ccache[MEMORY:winbind_ccache] expiration Sun, 14 Nov 2010 22:27:10 IST ads_cleanup_expired_creds: Ticket in ccache[MEMORY:winbind_ccache] expiration Sun, 14 Nov 2010 22:27:12 IST kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials ads_connect for domain SQUID failed: Invalid credentials final write to client failed: Broken pipe any problem with krb configuration ??? Regards, Vivek On Sun, Nov 14, 2010 at 11:59 PM, John Stile <[email protected]> wrote: > You could try to run winbindd manually (winbindd -d 3 -i), and from > another console run 'wbinfo -u', and see if any errors present them > selves in the console where you ran winbindd. First make sure no other > winbind daemon is running, by testing, as root, with: lsof -i tcp -nP | > grep winbind > > On Sun, 2010-11-14 at 23:41 +0530, Vivekanandan Nataraj wrote: > > Hi John, > > > > > > Thanks for your reply. > > > > > > I have modified the nsswitch.conf file and smb.conf as per your > > suggestions. > > > > > > Still wbinfo does not list the users... I have rebooted the server > > after modification. > > > > > > and #rm -rf /var/lib/samba/* and restart the services and joined the > > domain again. but no luck.. > > > > > > nsswitch.conf > > [ > > shadow: files > > passwd: compat winbind > > group: compat winbind > > > > > > hosts: files dns wins > > networks: files dns > > > > > > services: files > > protocols: files > > rpc: files > > ethers: files > > netmasks: files > > netgroup: files nis > > publickey: files > > > > > > bootparams: files > > automount: files nis > > aliases: files > > ] > > > > > > samba > > [ > > workgroup = SQUID > > realm = SQUID.BIZ > > security = ADS > > password server = EIS.SQUID.BIZ > > printcap name = cups > > idmap uid = 1000-20000000 > > idmap gid = 1000-20000000 > > winbind separator = + > > winbind enum users = Yes > > winbind enum groups = Yes > > winbind use default domain = Yes > > winbind nss info = rfc2307 > > cups options = raw > > ] > > > > > > Any thing i missed ? > > > > > > Thanks in advance.. > > > > > > Regards, > > Vivek > > > > On Sun, Nov 14, 2010 at 10:33 PM, John Stile <[email protected]> wrote: > > Does /etc/nsswitch.conf hold winbind? > > Something like this: > > passwd: compat winbind > > group: compat winbind > > > > Also, > > your config doesn't show: > > winbind separator = + > > > > your config doesn't have a fully qualified "password server" > > hostname. > > > > > > > > On Sun, 2010-11-14 at 11:09 +0530, Vivekanandan Nataraj wrote: > > > Hi Guys, > > > > > > I have configured SAMBA with Windows 2003 AD. But "#wbinfo > > -u" and > > > "#wbinfo -g" does not list the users > > > > > > 1. Domain joined successfully. > > > > > > # net rpc testjoin -U Administrator > > > Join to 'DOMAIN' is OK > > > > > > 2. wbinfo -a works ( User authentication ) > > > > > > # wbinfo -a 'DOMAIN\user' > > > Enter DOMAIN\user's password: > > > plaintext password authentication succeeded > > > Enter DOMAIN\user's password: > > > challenge/response password authentication succeeded > > > > > > 3. wbinfo -u and wbinfo -g does list nothing > > > > > > # wbinfo -u > > > # wbinfo -g > > > > > > # wbinfo -r 'DOMAIN\user' > > > Could not get groups for user DOMAIN\user > > > > > > SAMBA config : - > > > > > > [global] > > > workgroup = DOMAIN > > > realm = DOMAIN.BIZ > > > security = ADS > > > password server = EIS > > > printcap name = cups > > > idmap uid = 1000-20000000 > > > idmap gid = 1000-20000000 > > > winbind enum users = Yes > > > winbind enum groups = Yes > > > winbind use default domain = Yes > > > winbind nss info = rfc2307 > > > cups options = raw > > > > > > Versions :- > > > > > > # smbd -V > > > Version 3.4.2-1.1.3.1-2229-SUSE-SL11.2 > > > > > > # winbindd -V > > > Version 3.4.2-1.1.3.1-2229-SUSE-SL11.2 > > > > > > Share your ideas... > > > > > > Regards, > > > Vivek > > > > > > > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
