Hey Gang, I'm stuck near the end of installing Samba 4 on a Debian Wheezy machine. I'm trying to connect to a Win2k AD.
Basically I can't get "getent passwd" to show domain accounts. I also can't access shares using my credentials. What did I forget?! Here is what works: sudo net ads join -U "DOMAINADMIN" wbinfo -g //shows domain groups! wbinfo -u //shows domain users! I have setup symlinks from */lib/i386-linux-gnu/libnss_winbind.so* to * /lib/i386-linux-gnu/libnss_winbind.so * *smb.conf [global] workgroup = DOMAIN realm = DOMAIN.COM server string = %h server security = ADS map to guest = Bad User obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind nss info = rfc2307 idmap config SHORTDOMAINNAME:range = 500-40000 idmap config SHORTDOMAINNAME:schema_mode = rfc2307 idmap config SHORTDOMAINNAME:backend = ad idmap config *:range = 70001-80000 idmap config * : backend = tdb store dos attributes = Yes * *Besides "getent passwd" failing to show domain accounts, I get this when I attempt to authenticate via a SMB client. [2013/09/27 19:03:28.678145, 3] ../auth/ntlmssp/ntlmssp_server.c:358(ntlmssp_server_preauth) Got user=[TestUser] domain=[DOMAIN] workstation=[BADASS] len1=24 len2=154 ..... ..... [2013/09/27 19:03:28.681267, 3] ../source3/auth/auth.c:177(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [**DOMAIN]\[TestUser]@[BADASS] with the new password interface [2013/09/27 19:03:28.681359, 3] ../source3/auth/auth.c:180(auth_check_ntlm_password) check_ntlm_password: mapped user is: [**DOMAIN]\[**TestUser]@[BADASS] [2013/09/27 19:03:28.691085, 3] ../source3/auth/auth_util.c:1247(check_account) Failed to find authenticated user **DOMAIN+jjenkins via getpwnam(), denying access. [2013/09/27 19:03:28.691235, 2] ../source3/auth/auth.c:288(auth_check_ntlm_password) check_ntlm_password: Authentication for user [jjenkins] -> [**TestUser] FAILED with error NT_STATUS_NO_SUCH_USER [2013/09/27 19:03:28.691354, 3] ../source3/auth/auth_util.c:1593(do_map_to_guest_server_info) No such user jjenkins [**DOMAIN] - using guest account * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba