Adrian Chow wrote:
Hi Igor (and samba team),
I have done the following:-
-I have upgraded the samba versions of the both servers to be the same.
-The ldap servers are in the same version.
-DomainAPDC and DomainBPDC has winbind in nsswitch
-wbinfo all works.
-"getent group" and "getent passwd" shows ldap entries of local domain and winbind entries of the remote domain.
-However I still cannot map the home directory of the Domain_B_user when I log into Domain_B on Domain_A_XP computer.
- smbclient //domain_A_PDC/shared -U domain_B/domain_B_user is working.
The command I run on the command prompt (which will work) if I am Domain_A_user into Domain_A on Domain_A_XP_computer is "net use x: /home". But before I map it, the home directory is already mapped based on the sambahomepath and sambahomedrive in the ldap entries. I am using the "net use" command to do testing.
If I were to run the same "net use x: /home" command as a Domain_B_User logging into Domain_B on Domain_A_XP_computer, the home directory never gets mapped. Igor has make it work on his server but I am still stuck. (Igor, if you run "net use z: /home" command as the Domain_B_User logging into Domain_B on DOmain_A_XP, does it work?)
I think there's some miscommunication involved. :)
User's home directory does get mapped during login according to sambaHomePath and sambaHomeDrive LDAP entries. I can verify this by looking at the "net use" output. However, when I run "net use x: /home" it gives me an error: "The user's home directory could not be determined." Accroding to DomainA log during this call the user's home share get created on ServerA (PDC for DomainA) instead of using the one specified as sambaHomePath:
[2004/11/05 08:17:44, 3] param/loadparm.c:lp_add_home(2341)
adding home's share [testA] for user 'DOMAINA\testA' at '/home/DOMAINA/testA'
I'm still investigating if this is based solely on XP request (XP side problem) of if this is a way Samba responds on a general "net use x: /home" request (Samba side problem).
On my winbind log on Domain_A_PDC, I get the following :-
legend:- uwcstu is domain_B grade2 is domain_B_user 10000 is gid of DomainB\Domain Users group on Domain_A_PDC. staff is domain A
-----------------------------------------
[2004/11/05 19:10:16, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
[29440]: getpwnam uwcstu\grade2
[2004/11/05 19:10:16, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1030)
[29440]: getgroups UWCSTU\grade2
[2004/11/05 19:10:16, 3] nsswitch/winbindd_sid.c:winbindd_gid_to_sid(374)
[29440]: gid to sid 10000
[2004/11/05 19:10:16, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(124)
[29440]: getpwnam uwcstu\grade2
[2004/11/05 19:10:16, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(243)
[29440]: getgrnam grade2
[2004/11/05 19:10:16, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2008)
ldapsam_getgroup: Did not find group
[2004/11/05 19:10:16, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(298)
group grade2 in domain STAFF does not exist
----------------------------------------------------------------
Questions:-
1. Why domain_A_PDC will try to getgrnam "grade2"? How did grade2 ended up as a group and not a user?
2. Isn't it supposed to be getgrnam "UWCSTU\Domain Users" since winbindd_gid_to_sid is converting 10000 to "UWCSTU\Domain Users"?
3. Any commands for me to test getgroups?
4. Any ideas how to proceed on?
I have similar problem - the same errors in winbind log. I'm investigating this as well. I actually have 2 groups for userA and one gets mapping into user's name with domain stripped out, another into 'tty'. I suspect it's a Samba bug. But, again - it does not cause problems with automatic map of user home.
The only suggestion I have at the moment is to look into the source...
Igor
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
