No, I'm not looking up a specific user. I want all of the users that are in the passwd database. Running getent passwd should, in theory, accomplish this by going through all of the sources defined in nsswitch.conf and getting all of the entries each of them have. At least that's my understanding of how it should work.
~Eric -----Original Message----- From: Greg Byshenk [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 09, 2007 12:32 PM To: [email protected] Cc: Eric Diven Subject: Re: [Samba] Can't chown a file to an ADS username On Tue, Oct 09, 2007 at 09:33:40AM -0400, Eric Diven wrote: > Yes, these are only winbind startup messages, that's exactly the > problem. I had in my nsswitch.conf file: > > passwd: compat winbind > shadow: compat winbind > group: compat winbind > > which produced only the local names > > To test, I changed nsswitch.conf as follows: > > passwd: winbind [UNAVAIL=retunr] compat > shadow: compat winbind #so I have some hope of being able to log in > if I didn't get it changed back, maybe > group: winbind [UNAVAIL=return] compat > > and got *nothing* back from getent passwd. I'm guessing this means > I've got a .so file in the wrong place somewhere. Following the > instructions online, I have > > /lib/libnss_winbind.so.2 > /lib/libnss_winbind.so -> /lib/libnss_winbind.so.2 > /usr/lib/libnss_winbind.so -> /lib/libnss_winbind.so.2 > > This sure looks correct, but it's pretty clear that winbind isn't > getting called. This is just a shot in the dark, but... - Are you calling 'getent passwd DOMAIN\\user'? - If not, do you have 'winbind use default domain = yes" set? -greg > -----Original Message----- > From: Stas [mailto:[EMAIL PROTECTED] > Sent: Monday, October 08, 2007 5:04 PM > To: Eric Diven > Cc: [email protected] > Subject: Re: [Samba] Can't chown a file to an ADS username > > the winbindd.log you posted contains winbind startup messages? > if not try to restart winbind and check winbind log for errors . > /etc/nsswitch.conf contains winbind related strings? > > > On 10/8/07, Eric Diven <[EMAIL PROTECTED]> wrote: > > I'm not actually getting much from it. I'm assuming that all of > > winbinds logging goes to [logpath]/winbindd.log. > > > > If that's the case, I'm seeing nsswitch related stuff happening when > > winbind starts up, but not when I run getent passwd. > > I'm running winbind at debug level 3. > > > > [EMAIL PROTECTED] ~]# cat /var/log/samba/winbindd.log > > [2007/10/08 13:18:23, 2] lib/interface.c:add_interface(81) > > added interface ip=192.168.100.80 bcast=192.168.100.255 > > nmask=255.255.255.0 > > [2007/10/08 13:18:23, 2] lib/interface.c:add_interface(81) > > added interface ip=192.168.100.80 bcast=192.168.100.255 > > nmask=255.255.255.0 > > [2007/10/08 13:18:23, 2] lib/tallocmsg.c:register_msg_pool_usage(61) > > Registered MSG_REQ_POOL_USAGE > > [2007/10/08 13:18:23, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) > > Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED > > [2007/10/08 13:18:23, 2] > > nsswitch/winbindd_util.c:add_trusted_domain(175) > > Added domain EDSI EDSI.EDSI-INT.COM > > S-1-5-21-1993962763-329068152-1801674531 > > [2007/10/08 13:18:23, 2] > > nsswitch/winbindd_util.c:add_trusted_domain(175) > > Added domain LOCALHOST S-1-5-21-9612232-2512366426-966941693 > > [2007/10/08 13:18:23, 2] > > nsswitch/winbindd_util.c:add_trusted_domain(175) > > Added domain BUILTIN S-1-5-32 > > [2007/10/08 13:18:23, 3] > > nsswitch/winbindd_misc.c:winbindd_interface_version(483) > > [ 0]: request interface version > > [2007/10/08 13:18:23, 3] > > nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516) > > [ 0]: request location of privileged pipe > > [2007/10/08 13:18:23, 3] nsswitch/winbindd_misc.c:winbindd_ping(462) > > [ 0]: ping > > [EMAIL PROTECTED] ~]# > > > > This is the result of clearing the log, restarting samba, and > > running getent passwd. Nothing gets added to the log when I run it. > > It's greek to me what the stuff from winbind start up means, but I'm > > a little suspicious that nothing shows up on getent passwd. > > > > ~Eric > > > > -----Original Message----- > > From: Stas [mailto:[EMAIL PROTECTED] > > Sent: Monday, October 08, 2007 12:50 PM > > To: Eric Diven > > Cc: [email protected] > > Subject: Re: [Samba] Can't chown a file to an ADS username > > > > winbind's log may be helpful > > > > > > > > On 10/8/07, Eric Diven <[EMAIL PROTECTED]> wrote: > > > I've got a samba install on Linux with winbind installed, etc. > > > I've > > > > configured it the same as I have under Solaris, but for some > > > reason, > > > > I > > > > > can't chown a file to an AD username. I have joined the box to > > > the domain, I can wbinfo -u/-g and get lists of users and groups > > > on the domain. When I run getent passwd or getent group, however, > > > I don't see any of the domain users and groups. I have winbind > > > enum users and > > > > > groups = yes in the smb.conf file. > > > > > > Eventually, I need to be able to accomplish this with enum users > > > and > > > > groups = no for a large domain, but I'm trying to duplicate a > > > problem we're have with Solaris. > > > > > > Any ideas? I'm happy to furnish further info/configs/logs on > request. -- greg byshenk - [EMAIL PROTECTED] - Leiden, NL -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
