I have a test environment running Fedora 8 and Samba 3.0.28a on two PDCs and one domain member. The DOM-A PDC has an LDAP backend and runs winbind. The DOM-B PDC also has an LDAP backend and runs winbind. The two domains trust each other in both directions. I also have a domain member called TESTSERVER, joined to the DOM-A domain and running winbind. When TESTSERVER was running 3.0.28, I could do "getent passwd" and see accounts from both domains. Since installing 3.0.28a on all servers, "getent passwd" only shows accounts from the DOM-A domain, and the message in log.winbindd is

[2008/03/11 15:13:01, 5] passdb/secrets.c:get_trust_pw_clear(720)
get_trust_pw_clear: could not fetch clear text trust account password for domain DOM-B

I have an idmap entry in my ldap backend on DOM-A for users in DOM-B.

My smb.conf on TESTSERVER is:

[global]

       # Domain-member mode: authentication is handed to the DOM-A domain controllers.
       workgroup = DOM-A
       security = DOMAIN
       # NOTE(review): 'update encrypted' is a migration aid for moving from plaintext
       # to encrypted passwords; it looks unnecessary on a domain member - confirm.
       update encrypted = Yes
       # Logins with an unknown user name are mapped to the guest account instead of
       # being rejected. No share shown here sets 'guest ok'; confirm this is intended.
       map to guest = Bad User
       # This file can remap client-supplied names to other accounts; keep it
       # root-owned and not writable by anyone else.
       username map = /etc/samba/smbusers
       # auth:10 is debug-level output. Useful while testing, but such logs can hold
       # sensitive authentication detail; lower the level and restrict log access afterwards.
       log level = passdb:5 auth:10 winbind:2
       load printers = No
       preferred master = No
       local master = No
       dns proxy = No
       wins server = 100.10.10.31
       # The password for this bind DN is not in smb.conf; Samba keeps it in
       # secrets.tdb (set with 'smbpasswd -w'), so that file must stay root-only.
       ldap admin dn = cn=admin,dc=lufkin,dc=com
       ldap group suffix = ou=CP_groups
       ldap idmap suffix = ou=Idmap
       ldap machine suffix = ou=CP_comps
       ldap suffix = dc=lufkin,dc=com
       # With 'ldap ssl = no' and the ldap:// URLs below, the admin-DN bind and the
       # directory data cross the network unencrypted. 'ldap ssl = start tls' (or
       # ldaps:// URLs) protects the bind credentials.
       ldap ssl = no
       ldap user suffix = ou=People
       # Only DOM-A has an explicit idmap configuration in this file.
       idmap domains = DOM-A
       idmap alloc backend = ldap
       template shell = /bin/bash
       # Domain accounts are written DOMAIN+user, as in [testshare] below.
       winbind separator = +
       winbind enum users = Yes
       winbind enum groups = Yes
       idmap alloc config:ldap_url = ldap://192.168.70.151/
       idmap alloc config:ldap_base_dn = ou=idmap,dc=lufkin,dc=com
       # NOTE(review): idmap binds as the directory admin; a dedicated account
       # limited to ou=idmap would follow least privilege.
       idmap alloc config:ldap_user_dn = cn=admin,dc=lufkin,dc=com
       idmap alloc config:range = 50000-500000
       idmap config DOM-A:ldap_url = ldap://192.168.70.151
       idmap config DOM-A:range = 50000-500000
       idmap config DOM-A:ldap_user_dn = cn=admin,dc=lufkin,dc=com
       idmap config DOM-A:ldap_base_dn = ou=idmap,dc=lufkin,dc=com
       idmap config DOM-A:backend = ldap
       idmap config DOM-A:default = yes
       # NOTE(review): ldapsam:* options belong to the ldapsam passdb backend; no
       # 'passdb backend' is set in this file, so they may have no effect here - confirm.
       ldapsam:trusted = yes
       ldapsam:editposix = yes

[homes]
       comment = Home Directories
       read only = No
       # Mask and forced mode are both 0775, so every new file and directory is
       # group-writable and readable/traversable by all local users, and plain files
       # get execute bits. Tighter values (e.g. 0600 / 0700) suit home directories.
       create mask = 0775
       force create mode = 0775
       directory mask = 0775
       force directory mode = 0775
       browseable = No

[testshare]
       path = /home/test-share
       # Access is limited to these two accounts. If winbind cannot resolve the DOM-B
       # account, DOM-B+travis presumably cannot be authorised either - confirm.
       valid users = DOM-B+travis, DOM-A+mikec
       write list = DOM-B+travis, DOM-A+mikec

Any help would be appreciated.

       template shell = /bin/bash
       winbind separator = +
