Solved.
There was mistake in smb.conf file, the "idmap uid" value was incorrect.
Gints
gints neimanis wrote:
I succesfully setted up the winbind with "idmap backend = ldap:ldap:..." LDAP is used only to store idmap's.
The problem:
On the server with OpenLDAP and winbind, all is working fine! Thanks to the SAMBA team and OSS community!
But on the second server, where winbind is used to authenticate users and retrieve uid's from server with ldap, users get error message: "id: cannot find name for user ID ...". The authentication works fine, users can use their samba shares, but ssh sessions are not more accessible (There is error, that it is not possible to retrieve username for lastlog and session closes).
May bee someone had already such problem, and know's solution?
There is some illustration of problem:
======= [EMAIL PROTECTED] /]# wbinfo -t checking the trust secret via RPC calls succeeded ======= [EMAIL PROTECTED] /]# wbinfo -u ...skip tst10 tst11 ...skip ======= [EMAIL PROTECTED] /]# getent passwd | grep tst1 tst10:x:20694:30000::/skola/tst10:/bin/bash tst11:x:20695:30000::/skola/tst11:/bin/bash ...skip ======= But!
[EMAIL PROTECTED] /]# su tst10 Creating directory '/skola/tst10'. Creating directory '/skola/tst10/tmp'. id: cannot find name for user ID 20694 [I have no [EMAIL PROTECTED] /]$
and
[I have no [EMAIL PROTECTED] tst10]$ ls -l total 4 drwxr-xr-x 2 20694 30000 4096 aug 21 13:27 tmp/ =======
The both systems are like each other:
The configuration on both servers are like each other:
- Mandrake Cooker - samba 3.0.5.2 (including winbind)
The samba.conf on secondary server
[EMAIL PROTECTED] root]# cat /etc/samba/smb.conf [global] workgroup = SKOLA security = domain netbios name = VIRSIS winbind use default domain = yes default service = homes unix charset = iso8859-13 idmap gid = 20000-30000 idmap uid = 30000-40000 winbind separator = + winbind use default domain = yes idmap backend = ldap:ldap://10.0.0.50 ldap admin dn = cn=Manager,dc=venta,dc=lv ldap suffix = dc=venta,dc=lv ldap idmap suffix = ou=Idmap winbind enum users = yes winbind enum groups = yes encrypt passwords = Yes template homedir = /skola/%U os level = 18 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 wins server = 10.0.0.10 log level = 3 obey pam restrictions = yes template shell = /bin/bash max log size = 200 min protocol = NT1 password server = * local master = No [homes] ...skip
The /etc/nsswitch.conf ... passwd: files winbind nisplus nis shadow: files nisplus nis group: files winbind nisplus nis ...
There is no working nscd daemon, which will cause "I have no name!" problem.
Thanks! Gints
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba