Hi
All,
I'm experiencing
problems with getting winbind to resolve groups from our windows 2000 domain
controllers, and was hoping that some one here might be able to shed some light
on what I'm doing wrong. I'm running samba v2.2.7 on red hat v8.0 and I have so
far only managed to get user accounts to resolve but when I attempt to resolve
groups, all I get is the gid number.
eg.
[EMAIL PROTECTED] samba]#
wbinfo -r
TESTDOMAIN+cmackenzie
10001
10002
10003
10004
10005
10000
10006
10007
10001
10002
10003
10004
10005
10000
10006
10007
I've included
extracts of the relevant config files below. any help would be appreciated as
well as reducing my panadol intake :-)
####
/etc/samba/smb.conf
[global]
workgroup =
TESTDOMAIN
security =
domain
password
server = *
encrypt
passwords = yes
smb passwd file = /etc/samba/smbpasswd
smb passwd file = /etc/samba/smbpasswd
pam password
change = yes
username map
= /etc/samba/smbusers
obey pam
restrictions = yes
socket
options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master
= no
domain master
= no
preferred
master = no
wins server =
172.25.240.13 153.107.14.99
dns proxy =
no
## WINBIND
CONFIGURATION HERE
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/false
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/false
#============================ Share Definitions
==============================
[stuff]
comment = Docs
path=/mnt/data/stuff
guest ok = no
public = no
valid users = TESTDOMAIN+cmackenzie
writable = yes
create mode = 0664
directory mode = 0775
comment = Docs
path=/mnt/data/stuff
guest ok = no
public = no
valid users = TESTDOMAIN+cmackenzie
writable = yes
create mode = 0664
directory mode = 0775
[test]
comment = Permission Test
path=/mnt/data/test
guest ok = no
public = yes
write list = @'TESTDOMAIN+Domain Users'
writable = yes
create mode = 0664
directory mode = 0775
comment = Permission Test
path=/mnt/data/test
guest ok = no
public = yes
write list = @'TESTDOMAIN+Domain Users'
writable = yes
create mode = 0664
directory mode = 0775
#####
/etc/pam.d/samba
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
auth sufficent pam_winbind.so
account required pam_stack.so service=system-auth
account required pam_winbind.so service=system-auth
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
auth sufficent pam_winbind.so
account required pam_stack.so service=system-auth
account required pam_winbind.so service=system-auth
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
#####
/etc/nsswitch.conf
passwd: files nisplus winbind
shadow: files nisplus winbind
group: files nisplus winbind
shadow: files nisplus winbind
group: files nisplus winbind
---
Rgds,
Chris
MacKenzie
**********************************************************************
This message is intended for the addressee named and may contain
privileged information or confidential information or both. If you
are not the intended recipient please delete it and notify the sender.
**********************************************************************
