Hi all, while testing to integrate some samba servers in an w2k AD Domain we found a couple of issues, i try to summarize it:
W2K Server using SP3 samba versions: debian unstable package 3.0.alpha21-3 cvs version 08.01.2003 build on debian unstable all domains set up as standalone domain building forest root and schema root smb.conf workgroup = TEST realm = TEST.LOC #realm = TEST.TEST.LOC security = ads ads server = w.x.y.z password server = w.x.y.z encrypt passwords = yes passdb backend = tdbsam unixsam wins server = w.x.y.z # PasswordChat Section ; unix password sync = false passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spasswor ; pam password change = no obey pam restrictions = yes # WinBind Settings winbind uid = 10000-20000 winbind gid = 10000-20000 template shell = /bin/bash winbind separator = + winbind enum users = yes winbind enum groups = yes winbind use default domain = yes # Other panic action = /usr/share/samba/panic-action %d ; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' & w2k AD native mode workgroup: TEST Domain: test.test.loc wbinfo -r administrator gives back all groups wbinfo -r user gives back only the primary group w2k AD native mode workgroup: TEST Domain: test.loc wbinfo -r administrator gives back all groups wbinfo -r user gives back only the primary group w2k AD mixed mode workgroup: TEST Domain: test.loc wbinfo -r administrator gives back all groups wbinfo -r user gives back all groups w2k AD mixed mode workgroup: TEST Domain: test.test.loc wbinfo -r administrator gives back all groups wbinfo -r user gives back all groups in any setting the getent group gives back all users in the goups exept users in the format aa.bb irc-nic: flu mit freundlichem Gruß Ulf Händel -- DV IDEE GmbH Tel.: 0511 8483281 Adelheidstraße 4-5 Fax.: 0511 8483233 30171 Hannover Mobil. 0170 5400369 e-mail.: [EMAIL PROTECTED]