I hope this is just one of those issues where just after hitting the
send button I figure out what is wrong. Client is 3.0.4 (also tried with
3.0.3) and server is windows 2003 with all patches as of today applied via
windows update.
Short summary: wbinfo -u doesn't work and wbinfo -g lists just a BUILTIN
domain.
I have done this lots of times, but now winbind seems to be not working anymore.
From the beggining:
- grab a ticket:
[EMAIL PROTECTED] root]# kinit -p Administrator
Password for [EMAIL PROTECTED]:
- join the win2k3 domain:
[EMAIL PROTECTED] root]# net ads join
[2004/05/11 16:20:55, 0] libads/ldap.c:ads_add_machine_acct(1006)
Host account for pandora already exists - modifying old account
Using short domain name -- DISTRO
Joined 'PANDORA' to realm 'DISTRO.CONECTIVA'
- test:
[EMAIL PROTECTED] root]# net ads testjoin
Join is OK
- list tickets ("expandora" is the win2k3 kdc/pdc):
[EMAIL PROTECTED] root]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [EMAIL PROTECTED]
Valid starting Expires Service principal
05/11/04 16:20:51 05/12/04 02:20:01 krbtgt/[EMAIL PROTECTED]
renew until 05/12/04 16:20:51
05/11/04 16:20:03 05/12/04 02:20:01 [EMAIL PROTECTED]
renew until 05/12/04 16:20:51
05/11/04 16:20:03 05/11/04 16:22:03 kadmin/[EMAIL PROTECTED]
renew until 05/11/04 16:22:03
- after winbindd is up, check secret:
[EMAIL PROTECTED] root]# wbinfo -t
checking the trust secret via RPC calls succeeded
- list users:
[EMAIL PROTECTED] root]# wbinfo -u
Error looking up domain users
Uhoh...
- list groups:
[EMAIL PROTECTED] root]# wbinfo -g
BUILTIN\System Operators
BUILTIN\Replicators
BUILTIN\Guests
BUILTIN\Power Users
(...)
"BUILTIN"?
/etc/nsswitch.conf:
[EMAIL PROTECTED] root]# grep winbind /etc/nsswitch.conf
passwd: files nisplus winbind
group: files nisplus winbind
"getent group" lists the same BUILTIN groups...
What is wrong?
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
