Hello, I´m trying to use winbind to allow my AD users to logon to our linux computers. I´m using FC6 and Samba 3.0.23c-2. I have several problems:
1. When I start linux machine and immediately ofter logging in I try to check trust secret by running wbinfo -t I receive this error: checking the trust secret via RPC calls failed error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233) could not check secret When I try to run wbinfo -t after a short while it returns: checking the trust secret via RPC calls succeeded. Is this normal behaviour? 2.Winbind do not maintain mappings between UIDs, GIDs and SIDs Winbindd and smbd are running, but when I run getent passwd I receive list of linux local users. And I´m not able to login to my linux machine until I manually add information about user in \etc\paswd. But this is unacceptable for me because I have 600+ users in my domain. Is there way how to make winbind to automaticaly update user mappings? 3. When I manually add informations about user into passwd I´m able to login but after inserting username I have to insert my password twice. Where can be the problem? My configuration files: My smb.conf: [global] workgroup = MYDOMAIN.COM server string = Samba Server security = domain winbind separator = \ idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind enum users = yes winbind enum groups = yes template homedir = /home/winnt/%U template shell = /bin/bash winbind use default domain = true winbind cache time = 10 encrypt passwords = yes winbind trusted domains only = yes obey pam restrictions = yes password server = server.mydomain.com [homes] comment = Home Directories browseable = no writable = yes My nsswitch.conf: passwd: files winbind shadow: files winbind group: files winbind hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files winbind rpc: files services: files winbind netgroup: files winbind publickey: nisplus automount: files winbind aliases: files nisplus My pam.d configuration: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_winbind.so auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account sufficient pam_winbind.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password sufficient pam_winbind.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 Thanks for any help. Jiri -- View this message in context: http://www.nabble.com/Winbind-do-not-maintains-mappings-between-UIDs%2C%09GIDs-and-SIDs-tf2773361.html#a7736155 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
