ok cool i have changed the sambaPrimaryGroupSid: S-1-1-0 on uid=nobody and changed sambaSID: S-1-1-0 on group nobody and it now starts yeh!! :)
but now if i remove ldap from /etc/nsswitch.conf passwd: file group: file i cant login to the domain: [2005/09/29 23:27:54, 2] lib/smbldap.c:smbldap_open_connection(692) smbldap_open_connection: connection opened [2005/09/29 23:27:54, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499) init_sam_from_ldap: Entry found for user: ws0dwi [2005/09/29 23:27:54, 1] auth/auth_util.c:make_server_info_sam(840) User ws0dwi in passdb, but getpwnam() fails! [2005/09/29 23:27:54, 0] auth/auth_sam.c:check_sam_security(324) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' [2005/09/29 23:27:54, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [ws0dwi] -> [ws0dwi] FAILED with error NT_STATUS_NO_SUCH_USER is this me being ignorant, or do i still need ldap in the nsswitch.conf file? thought the idea was that ldapsam:trusted = yes ment we didnt need to have ldap in nsswitch.conf so nss_ldap wouldnt enumerate all the users? regards ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Daniel Wilson Systems Administrator IT & Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. ----- Original Message ----- From: Jeremy Allison <[EMAIL PROTECTED]> Date: Thursday, September 29, 2005 11:13 pm Subject: Re: [samba] ldapsam:trusted = yes kills smbd > On Thu, Sep 29, 2005 at 11:16:03PM +0100, Daniel Wilson wrote: > > > > ok i have now changed the sambaSID on the user nobody to be > <gloabl- > > sam-sid>-501 > > > > it now finds the user nobody but still says it can't find the > primary > > group: > > for the user nobody, here are my ldap entries: > > > > # nobody, People, Staff, Itacs, sunderland.ac.uk > > dn: uid=nobody,ou=People,ou=Staff,ou=Itacs,dc=sunderland,dc=ac,dc=uk > > sambaSID: S-1-5-21-82148923-2461359520-1342846908-501 > > cn: nobody > > uid: nobody > > gidNumber: 65533 > > sambaPrimaryGroupSID: S-1-0-0 (which i understand is nobody on > windows) > No, that sid S-1-0-0 is wrong I think. Look here for details : > > http://linux-ntfs.sourceforge.net/ntfs/concepts/sid.html >
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
