I had some problems with authentication on a Red Hat server due to corrupted .tdb files in /var/cache/samba and fixed it by deleting them. You could give it a shot by stopping Samba and Winbind, backing up those files to be safe, delete them and restart Samba and WInbind.
If that doesn't work, I suspect there is a problem with your AD forest. All the pieces should be there for you. On 12/7/06, James A. Dinkel <[EMAIL PROTECTED]> wrote:
Well, I think I'm giving up. I've tried following that guide. I've tried replacing my smb.conf to look just like yours. I've tried a bunch of other things that I though might do something. For the life of me, I can not get nested groups to work on this server. James Dinkel > -----Original Message----- > From: Aaron Kincer > > James, > > You are correct--I don't have windbind nested groups = yes set in my > smb.conf. Yes, default 3.0.22. I followed the Ubuntu configuration > instructions to the letter found in the Ubuntu forums that I've posted > before with only the changes you've seen in my smb.conf. Here is the > link to the forum post: > > http://ubuntuforums.org/archive/index.php/t-91510.html > > If you have a machine you can throw together as a test machine, fire it > up as a stock install and follow these instructions to the letter (if > you didn't on your production box) and see if you have any success. > > Here's where the rubber meets the road. If your test machine correctly > nests permissions, then there is something wrong with your production > config. If it doesn't, then you have something going on in Active > Directory. > > One more thing--I'm using POSIX ACLs for permissions. Are you? > > James A. Dinkel wrote: > >> -----Original Message----- > >> From: Matt Skerritt > >> > >> There is an option in smb.conf called "winbind nested groups" ... and > >> the help text from swat says: > >> > >> "winbind nested groups (G) > >> > >> If set to yes, this parameter activates the support for nested > >> groups. Nested groups are also called local groups or aliases. They > >> work like their counterparts in Windows: Nested groups are defined > >> locally on any machine (they are shared between DC's through their > >> SAM) and can contain users and global groups from any trusted SAM. To > >> be able to use nested groups, you need to run nss_winbind. > >> > >> Please note that per 3.0.3 this is a new feature, so handle with > >> care. > >> > >> Default: winbind nested groups = no" > >> > >> So I'm guessing that you want to set winbind nested groups = yes in > >> your smb.conf. > >> > >> -- > >> Matt Skerritt > >> [EMAIL PROTECTED] > >> > > > > I've put the "winbind nested groups = yes" in the global section of my > > samba.conf. (Sorry, I did go over the swat help text, I must have > > missed this). I went ahead and rebooted the server and tried it again, > > but it's still a no-go. > > > > Aaron, in the smb.conf you showed me, you did not have "winbind nested > > groups = yes" ?!? I don't remember if you've told me, but are you using > > the default Samba 3.0.22 that comes with Ubuntu 6.06? > > > > Could there be something wrong with my Winbind setup? Something that > > has to do with nss_winbind maybe? Is there any way I can test this from > > the Samba server, using wbinfo maybe? > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
