John, sorry I did not mean to reply directly, I hate MS-Outlook! John H Terpstra wrote: > On Sunday 30 January 2005 09:17, MailLists wrote: >> Hello, >> >> Please forgive me if this has been discussed, I did not find any >> references when I searched. >> >> I'm trying to replace a W2K server with a samba member server in a >> single ADS domain. >> >> It seems that the Fedora rpms do not support idmap_rid so I am trying >> to compile from the Fedora SRPM. After following the docs for >> building and configuring idmap_rid I get no ADS users from `getent >> passwd`. wbinfo -u returns the user list without the DOMAIN\ prefix. >> >> When I try to connect to the samba share I am confronted with an auth >> box that I have not been able to satisfy. >> >> /var/log/samba/winbindd includes: >> idmap_init: using 'idmap_rid' as remote backend >> >> Can anyone help? > > As one of the arguments to the 'configure' command add: > > --with-shared-modules=idmap_rid \ > > Then rebuild. Make sure you add the idmap_rid module to the > /usr/lib/samba/idmap directory. > > - John T. >
I compiled with: ./configure --with-shared-modules=idmap_rid --with-ads --with-pam --with-pam_smbpass --with-logbasedir=/var/log/samba Then created the dir: /usr/lib/samba/idmap then added the symlink: /usr/lib/samba/idmap/idmap_rid.so -> /usr/local/samba/lib/idmap/idmap_rid.so Restarted the daemons - nmbd then winbond then smbd But getent passwd still gives no ADS users. Brian >> >> Thanks, >> Brian Hoover >> >> /*/*/*/*/* smb.conf /*/*/*/*/*/* >> [global] >> unix charset = LOCALE >> workgroup = VIDAR >> realm = VIDAR.CORP >> server string = BIS05 >> security = ADS >> allow trusted domains = No >> log level = 10 >> syslog = 0 >> log file = /var/log/samba/%m >> max log size = 50 >> ldap ssl = no >> idmap backend = idmap_rid:VIDAR=10000-20000 >> idmap uid = 10000-20000 >> idmap gid = 10000-20000 >> template shell = /bin/bash >> winbind enum users = No >> winbind enum groups = No >> winbind use default domain = Yes >> winbind nested groups = Yes >> >> [users] >> comment = User Folders >> path = /smb/users >> admin users = root, 'Domain Admins' >> read only = No >> guest ok = Yes >> >> /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* >> >> /*/*/*/*/* config.log SNIPPED /*/*/*/*/*/* >> >> $ ./configure --with-shared-modules=idmap_rid --with-ads --with-pam >> --with_pamsmbpass >> >> #define HAVE_LDAP 1 >> #define HAVE_KRB5 1 >> >> /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* >> >> /*/*/*/*/* nsswitch.conf /*/*/*/*/*/* >> >> passwd: files winbind >> shadow: files winbind >> group: files winbind >> >> hosts: files dns wins >> >> >> bootparams: nisplus [NOTFOUND=return] files >> >> ethers: files >> netmasks: files >> networks: files >> protocols: files >> rpc: files >> services: files >> >> netgroup: files >> >> publickey: nisplus >> >> automount: files >> aliases: files nisplus >> >> /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* >> >> /*/*/*/*/* nsswitch.conf /*/*/*/*/*/* >> >> #%PAM-1.0 >> auth required /lib/security/$ISA/pam_env.so >> auth sufficient /lib/security/$ISA/pam_unix.so likeauth >> nullok auth sufficient /lib/security/$ISA/pam_winbind.so >> use_first_pass auth required >> /lib/security/$ISA/pam_deny.so >> >> account required /lib/security/$ISA/pam_unix.so >> account sufficient /lib/security/$ISA/pam_winbind.so >> use_first_pass >> >> password required /lib/security/$ISA/pam_cracklib.so retry=3 >> type= # Note: The above line is complete. There is nothing following >> the '=' password sufficient /lib/security/$ISA/pam_unix.so \ >> nullok use_authtok md5 >> shadow password sufficient /lib/security/$ISA/pam_winbind.so >> use_first_pass password required >> /lib/security/$ISA/pam_deny.so >> >> session required /lib/security/$ISA/pam_limits.so >> session sufficient /lib/security/$ISA/pam_unix.so >> session sufficient /lib/security/$ISA/pam_winbind.so >> use_first_pass >> >> /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* > > -- > John H Terpstra > Samba-Team Member > Phone: +1 (650) 580-8668 > > Author: > The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 > Samba-3 by Example, ISBN: 0131472216 > Hardening Linux, ISBN: 0072254971 > Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
