From: Carlos Lorenzo Matés on
Hi.

On Wednesday, 30 January 2008, Thorkil Olesen wrote:
> Carlos Lorenzo Matés <clmates <at> mundo-r.com> writes:
> > > Maybe you should try:
> > >
> > > wbinfo -a NTDOMAIN\\clorenzo%myrealpassword
> >
> > This was my first try and it says exactly the same.
>
> Well, that should work.
>
> > We have the very same users, groups and passwords in the
> > NT Domain and in the
> > samba Domain, our samba domain uses ldap for storage.
>
> It doesn't make sense to have the same users in both domains.
>

We do this because we are migrating the NT domain to a samba domain and this
was the best option to make this transparent for users.

> From samba's point of view users in different domains are
> not the same even though they have the same username and
> password. They will still have different SIDs.
>
> > Here is our nsswitch.conf
>
> (...)
>
> > passwd: files ldap
> > group: files ldap
>
> (...)
>
> > passwd_compat: ldap winbind
> > group_compat: ldap winbind
>
> (...)
>
> Why do you put winbind at 'passwd_compat' instead of 'passwd'?
>

I don't know, I'm going to revise this, thanks.


> > getent returns the ldap users, groups and passwords, should
> > getent also return
> > the NT domain users when they are the same?
>
> If you use 'DOMAIN\user' it should, e.g.
>
> getent passwd NTDOMAIN\\clorenzo
>
> I don't think however that nsswitch is used by wbinfo -a so this
> may not be your real problem.
>
> I had a similar problem that I solved by changing to kerberos,
> but with NT this is not possible.
> I don't think I can help with this.
>


OK, I'm going to play with nsswitch to see if this changes something, and I will
also make another try with getent with the NTDOMAIN as you said.

Thanks again


--
Regards.

Carlos Lorenzo Matés.
clmates AT mundo-r DOT com
From: Carlos Lorenzo Matés on
Hi.



On Thursday, 31 January 2008, Carlos Lorenzo Matés wrote:
> Hi.
>
> On Wednesday, 30 January 2008, Thorkil Olesen wrote:
> > Carlos Lorenzo Matés <clmates <at> mundo-r.com> writes:
> > > > Maybe you should try:
> > > >
> > > > wbinfo -a NTDOMAIN\\clorenzo%myrealpassword
> > >
> > > This was my first try and it says exactly the same.
> >
> > Well, that should work.
> >
> > > We have the very same users, groups and passwords in the
> > > NT Domain and in the
> > > samba Domain, our samba domain uses ldap for storage.
> >
> > It doesn't make sense to have the same users in both domains.
>
> We do this because we are migrating the NT domain to a samba domain and
> this was the best option to make this transparent for users.
>
> > From samba's point of view users in different domains are
> > not the same even though they have the same username and
> > password. They will still have different SIDs.
> >
> > > Here is our nsswitch.conf
> >
> > (...)
> >
> > > passwd: files ldap
> > > group: files ldap
> >
> > (...)
> >
> > > passwd_compat: ldap winbind
> > > group_compat: ldap winbind
> >
> > (...)
> >
> > Why do you put winbind at 'passwd_compat' instead of 'passwd'?
>
> I don't know, I'm going to revise this, thanks.


Well, I tested with winbind added behind passwd and group, and now getent
returns the NT Domain users and groups also, as you said.

getent shadow only returns the ldap shadows.


By the way, wbinfo -a was not working because I was only setting one \ between the
domain name and the user name, and it must be \\. Now it is working regardless of the
nsswitch setup.

But the trust still does not work fine.

Thanks again


--
Regards.

Carlos Lorenzo Matés.
clmates AT mundo-r DOT com
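
The two fixes reported in this thread (winbind listed on the passwd and group lines, and a doubled backslash in DOMAIN\\user on the command line), as an added shell example that is not from either poster. The sample nsswitch text is constructed from the lines quoted above, the "after" sample assumes winbind was appended to both lines, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed samples: "before" uses the lines quoted in the thread,
# "after" assumes winbind was appended to passwd and group.
sample_before='passwd: files ldap
group: files ldap
passwd_compat: ldap winbind
group_compat: ldap winbind'
sample_after='passwd: files ldap winbind
group: files ldap winbind'

# nss_has_source CONFIG DATABASE SOURCE (hypothetical helper)
# Succeeds if SOURCE is listed for DATABASE in the nsswitch text CONFIG.
nss_has_source() {
    printf '%s\n' "$1" | awk -v db="$2" -v src="$3" '
        { sub(/#.*/, "") }                      # ignore comments
        $1 == (db ":") { for (i = 2; i <= NF; i++) if ($i == src) found = 1 }
        END { exit !found }'
}

# check_winbind CONFIG (hypothetical helper)
# Reports passwd and group; returns how many of them lack winbind.
check_winbind() {
    missing=0
    for db in passwd group; do
        if nss_has_source "$1" "$db" winbind; then
            echo "$db: winbind listed"
        else
            echo "$db: winbind NOT listed"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# arg_as_seen WORD: prints the argument exactly as a program receives it,
# after the shell has processed backslashes in an unquoted word.
arg_as_seen() { printf '%s' "$1"; }

check_winbind "$sample_before" || printf '%s\n' "-> winbind is only on the *_compat lines"
check_winbind "$sample_after"
# printf is used instead of echo because some shells expand \c inside echo.
printf 'one backslash:   %s\n' "$(arg_as_seen NTDOMAIN\clorenzo)"   # separator is lost
printf 'two backslashes: %s\n' "$(arg_as_seen NTDOMAIN\\clorenzo)"  # one \ survives
```

Quoting the whole argument in single quotes ('NTDOMAIN\clorenzo') passes the same string as the doubled backslash does.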