LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 05-04-2004, 02:36 AM   #1
AndreasBeyeler
LQ Newbie
 
Registered: May 2004
Posts: 3

Rep: Reputation: 0
Smile Samba: Getent shows only local information


Hello

(Double-Post: I posteted this question in the samba mailing list but it was not insertet correctly and nobody answerd it. I postet it today in the start-linux-forum but I think this is the wrong place there so I posted there a reply myself that I'll post the solution if I have one...)


So now my problem:

I have installed Redhat Linux 9 and Samba 3.0.2a from the Source.

I have two Win2003 server for the domain "sambadomain.local":

PDC: rootserver
10.10.1.1 Subnet 255.255.0.0

DNS-Master: dnsserver
10.10.1.2 Subnet 255.255.0.0
Runs also dhcp and wins

I made the references to these two Servers (DNS, DHCP) in my Linux-Server.

Linux-Server: samba
10.10.1.4 Subnet 255.255.0.0



Here is my smb.conf File which is located in /usr/local/samba/lib:

# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2004/04/21 10:03:48

# Global parameters
[global]
workgroup = SAMBADOMAIN
realm = SAMBADOMAIN.LOCAL
security = ADS
password server = ROOTSERVER.SAMBADOMAIN.LOCAL
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +


I created the computer account with the following command:

net ads join -U Administrator

Then I gave the pw. I could see the new account in the active directory.


I did a test with kinit:

[root@samba bin]# /usr/java/j2re1.4.2_03/bin/kinit Administrator@SAMBADOMAIN.LOCAL
Password for Administrator@SAMBADOMAIN.LOCAL:Password
New ticket is stored in cache file /tmp/krb5cc_0
[root@samba bin]#

My etc/krb5.conf File

[libdefaults]
default_realm = SAMBADOMAIN.LOCAL

[realms]
SAMBADOMAIN.LOCAL = {
kdc = rootserver.sambadomain.local
}

[domain_realm]
.sambadomain.local = SAMBADOMAIN.LOCAL


There was already a file named "libnss_winbind.so.2" and a link "libnss_winbind.so" which target is "libnss_winbind.so.2" I did nothing with these files.


I edited /etc/nsswitch.conf:

#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis

passwd: files winbind
shadow: files
group: files winbind

#hosts: db files nisplus nis dns
hosts: files dns

# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files

netgroup: files

publickey: nisplus

automount: files
aliases: files nisplus


Then I run /usr/local/samba/bin/net rpc join -S ROOTSERVER -U Administrator and gave my password:

[root@samba bin]# /usr/local/samba/bin/net rpc join -S ROOTSERVER -U Administrator
Password:
Joined domain SAMBADOMAIN.
[root@samba bin]#


I startet smbd nmbd and winbindd and they are running:

[root@samba bin]# ps -ae|grep winbindd
2177 ? 00:00:00 winbindd
2178 ? 00:00:00 winbindd
[root@samba bin]# ps -ae|grep smbd
2180 ? 00:00:00 smbd
[root@samba bin]# ps -ae|grep nmbd
2179 ? 00:00:00 nmbd
[root@samba bin]#

I did not found any nscd running.

Now I executed the following commands and they succeded:

[root@samba bin]# /usr/local/samba/bin/wbinfo -u
SAMBADOMAIN+Administrator
SAMBADOMAIN+Gast
SAMBADOMAIN+SUPPORT_388945a0
SAMBADOMAIN+ROOTSERVER$
SAMBADOMAIN+krbtgt
SAMBADOMAIN+DNSSERVER$
SAMBADOMAIN+CLIENT-XP$
SAMBADOMAIN+SUSSERVER$
SAMBADOMAIN+win-xp
SAMBADOMAIN+CLIENT-XP2$
SAMBADOMAIN+HOST/samba
[root@samba bin]# /usr/local/samba/bin/wbinfo -g
SAMBADOMAIN+Domänencomputer
SAMBADOMAIN+Domänencontroller
SAMBADOMAIN+Schema-Admins
SAMBADOMAIN+Organisations-Admins
SAMBADOMAIN+Domänen-Admins
SAMBADOMAIN+Domänen-Benutzer
SAMBADOMAIN+Domänen-Gäste
SAMBADOMAIN+Richtlinien-Ersteller-Besitzer
SAMBADOMAIN+DnsUpdateProxy
SAMBADOMAIN+sambadomainuser
[root@samba bin]#


But when I run...

[root@samba bin]# /usr/bin/getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0perator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/bin/bash
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
[root@samba bin]# /usr/bin/getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
rpm:x:37:
floppy:x:19:
vcsa:x:69:
utmp:x:22:
nscd:x:28:
slocate:x:21:
sshd:x:74:
rpc:x:32:
rpcuser:x:29:
nfsnobody:x:65534:
mailnull:x:47:
smmsp:x:51:
pcap:x:77:
apache:x:48:
xfs:x:43:
named:x:25:
ntp:x:38:
gdm:x:42:
[root@samba bin]#

... I have only the local information. And this is my problem! I have searched in the internet for solutions and tried a lot but nothing has solved it. Now I reinstalled the hole system to this state. For all that I used the Samba Howto.

Is it possible that the problem lies on one of the W2003 servers?

I will test your advices as soon as I can, but I'm not all the time in the office.

Thanks a lot for those persons who try to help me, and sorry for my bad English!


best regards + God bless
Andreas Beyeler - Switzerland
 
Old 05-18-2004, 07:18 AM   #2
c3po
LQ Newbie
 
Registered: May 2004
Posts: 2

Rep: Reputation: 0
Hi! nachdem du w2003 auf deutsch installiert hast, schreib ich auch auf deutsch ;-)

sag mal, hast du zufällig das problem irgendwie gelöst?
ich hab so ein ähnliches problem ...

lg, michi
 
Old 05-18-2004, 01:21 PM   #3
AndreasBeyeler
LQ Newbie
 
Registered: May 2004
Posts: 3

Original Poster
Rep: Reputation: 0
Nein, aber ich bin momentan dran, es mit Suse 9.0 zu probieren. Dort muss ich zwar für eine neuere Heimdal-Version als 0,6 schauen weil im Howto steht, dass dieses nicht so super mit W2003 läuft.
Ich habe mit Suse auch ein neues Feld im Swat bekommen, nämlich unter den Winbind-Parametern das Feld "enable local accounts". Dieses hatte ich bei Redhat nicht. Vielleicht habe ich auch das Vergnügen W2003 in Englisch zu installieren, es auf Deutsch Gruppen mit Umlauten benennt.

... werde nächste Woche weiterüben ?-)

was ist denn bei Dir das Problem??

mfg + Gottes Segen
Andreas

Quote:
Originally posted by c3po
Hi! nachdem du w2003 auf deutsch installiert hast, schreib ich auch auf deutsch ;-)

sag mal, hast du zufällig das problem irgendwie gelöst?
ich hab so ein ähnliches problem ...

lg, michi
 
Old 05-19-2004, 02:15 AM   #4
c3po
LQ Newbie
 
Registered: May 2004
Posts: 2

Rep: Reputation: 0
hm, irgendwie schwer zu erklären ... also, sobald ich den security=ads setze, lässt er mich nicht mehr auf die samba-shares. bekomm immer das anmeldefenster ...

... wenn ich "domain logons = Yes" setze, dann funzt kein wbinfo -u bzw. getent passwd/group...

hm. witzig ist aber, ich habe eine suse 9.0.42 (beta) mit dem 2.6er kernel und dem samba 3 laufen, wo alles geht. nur unter 9.1 halt nicht ... ich probier die maschine nochmal aufzusetzen ... irgendwie sehr komisch das ganze ...

greetings ;-)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP Authentication w/ Local User Information Adrian W Linux - Security 13 08-17-2004 11:09 AM
software for adding cddb information into a local mysql database jacksonscottsly Linux - Software 1 07-09-2004 09:21 PM
getent passwd and wibinfo -u not working bahadur Linux - Networking 0 06-14-2004 12:20 AM
df command shows wrong information vdemuth Mandriva 3 06-04-2004 02:30 AM
Samba 3, Winbind (getent) not returning Domain USers delphiq Linux - Software 1 04-16-2004 05:18 AM


All times are GMT -5. The time now is 07:50 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration