Hi, I've joined a Suse 9.1 Pro linux computer to a Windows 2003 SP1 ADS using: # kinit [EMAIL PROTECTED] # net ads join
The computer account is created on the DC and wbinfo (-t -u -g) all work. Then I try getent passwd or getent group and nothing. This is with: #grep winbind /etc/nsswitch.conf passwd: compat winbind group: compat winbind # ps -ef | grep -E 'winbind|nmbd' root 3169 1 0 Jul29 ? 00:00:02 nmbd root 3171 1 0 Jul29 ? 00:00:01 winbindd -d 5 root 3172 3171 0 Jul29 ? 00:00:00 winbindd -d 5 root 3173 3171 0 Jul29 ? 00:00:01 winbindd -d 5 # cat /usr/local/samba/lib/smb.conf [global] # separate domain and username with '\', like DOMAIN\username winbind separator = + # use uids from 10000 to 20000 for domain users idmap uid = 10000-20000 # use gids from 10000 to 20000 for domain groups idmap gid = 10000-20000 # allow enumeration of winbind users and groups winbind enum users = yes winbind enum groups = yes # give winbind users a real shell (only needed if they have telnet access) template homedir = /home/%U template shell = /bin/bash winbind cache time = 600 winbind trusted domains only = yes workgroup = SHORTDOMAIN # to remove domain from username # winbind use default domain = yes obey pam restrictions = Yes realm = DOMAIN security = ADS encrypt passwords = yes password server = SERVER.DOMAIN # Example share definition [public] comment = Public data directory read only = no path = /sambapublic user = @"DOMAIN+domain users" an strace of getent passwd shows getent looking at /lib/libnss_winbind.so samba is configured like so: ./configure --prefix=/usr/local/samba/ --with-ldap --with-ads --with-krb5 --with-pam --with-winbind I have submitted this as a bug against the latest 3.0.20 release candidate just in case this is not my fault: https://bugzilla.samba.org/show_bug.cgi?id=2929 Has anyone else managed to get this working, please? Mike. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
