[Samba] Samba 3.4.2 and Active Directory auth
in [Samba]
|
From: Rick Barnes on 9 Nov 2009 13:30 I am trying to setup 2 workstations installed with Fedora 11 and samba 3.4.2. One is x86_64 and the other is i686 and I have the same issue with both. Neither machine will allow domain users from AD (Server 2003 R2) to authenticate. I have successfully send up samba on multiple CentOS 5.4 servers but they are still on 3.0.33 not 3.4.2. At this point, I have joined the workstations and both wbinfo -u and wbinfo -g show the domain users and groups. Also, getent passwd shows the user info including UIDs and GIDs. [global] workgroup = DOM netbios name = wkstn1 realm = DOM.LOCAL security = ads server string = wkstn1 idmap backend = ad ldap idmap suffix = dc=dom,dc=local ldap admin dn = cn=ldap,ou=Users,dc=dom,dc=local idmap uid = 500-100000000 idmap gid = 500-100000000 winbind separator = + winbind use default domain = true ;winbind offline logon = true winbind nested groups = true map untrusted to domain = yes log level = 10 /var/log/secure: login: pam_winbind(login:account): [pamh: 0x661170] ENTER: pam_sm_acct_mgmt (flags: 0x0000) login: pam_winbind(login:account): valid_user: wbcGetpwnam gave WBC_ERR_DOMAIN_NOT_FOUND login: pam_winbind(login:account): [pamh: 0x661170] LEAVE: pam_sm_acct_mgmt returning 3 (PAM_SERVICE_ERR) I do not know what i should be looking for from log.winbindd, but I do see this: [2009/11/09 13:04:19, 5] winbindd/winbindd_idmap.c:246(winbindd_sid2uid_recv) sid2uid returned an error [2009/11/09 13:04:19, 5] winbindd/winbindd_user.c:339(getpwsid_sid2uid_recv) Could not query uid for user DOM\rick # wbinfo -i rick Could not get info for user rick # id rick uid=10000(rick) gid=10001(Domain Users) groups=10001(Domain Users) Which is the uid set in Active Directory. Thanks, Rick -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
|
Pages: 1 Prev: Windows XP joining Samba 3 PDC: SAM Response - user unknown Next: samba4 and ncacn_http |