Samba/Winbind/nsswitch problem
Stephen Allen
sdafreebsduk at rowyerboat.com
Thu May 22 01:11:37 BST 2008
I've installed and configured samba with winbind, to allow Windows
Active Directory users to log in without me having to create a local
account for them.
Generally speaking, it works (I can login, wbinfo -u|-g returns the
correct data). I can login as a Windows user through ssh, and am using
the pam_mkhomedir module (which also works ok).
Anyway, I've got 2 questions/problems...
(1)
Whenever I restart samba, syslog receives messages like these below.
auth/auth_util.c:create_builtin_administrators(792)
create_builtin_administrators: Failed to create Administrators
auth/auth_util.c:create_builtin_users(758)
create_builtin_users: Failed to create Users
auth/auth_util.c:create_builtin_administrators(792)
create_builtin_administrators: Failed to create Administrators
auth/auth_util.c:create_builtin_users(758)
create_builtin_users: Failed to create Users
(2)
If I use the "winbind enum users|groups = Yes" options, syslog receives
messages like these below (hundreds of them... every few mins).
nsswitch/winbindd_group.c:winbindd_getgrent(1110)
could not lookup domain group department (maths)
nsswitch/winbindd_group.c:winbindd_getgrent(1110)
could not lookup domain group department (mecheng)
Can anyone help please?
Many thanks,
Steve :)
========================
SOME NOTES ON MY CONFIG:
========================
FreeBSD 7.0-RELEASE amd64
samba-3.0.28a,1
root at bax ~ $ testparm -s
Load smb config files from /usr/local/etc/smb.conf
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
[global]
workgroup = TECHNOLOGY
security = DOMAIN
allow trusted domains = No
syslog only = Yes
load printers = No
printcap name = /dev/null
ldap ssl = no
idmap domains = TECHNOLOGY
template shell = /usr/local/bin/bash
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
idmap config TECHNOLOGY:range = 10000-20000
idmap config TECHNOLOGY:backend = rid
root at bax ~ $ wbinfo -u | wc -l
2944
root at bax ~ $ wbinfo -g | wc -l
117
root at bax ~ $ cat /etc/nsswitch.conf
group: files winbind
group_compat: files nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: files nis
shells: files
services: files
services_compat: files nis
protocols: files
rpc: files
More information about the Ukfreebsd
mailing list