LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Samba/wbinfo doesn't show local groups (http://www.linuxquestions.org/questions/linux-networking-3/samba-wbinfo-doesn%27t-show-local-groups-186073/)

pauljtester 05-26-2004 10:31 AM

Samba/wbinfo doesn't show local groups
 
Hi All -

When I run wbinfo -g it only shows the groups that have been defined on my PDC. Same with getent groups.

So in my smb.conf when I want a folder to only be accessed by valid users/groups I have to use those that come from the PDC, I can't specify localhost groups.

This question was asked 12/1/2003 by someone else, but didn't receive any replies. Any clues? BTW, I running RH8.0 and Samba 3.

Here's the info:
smb.conf:

[global]
security = domain
workgroup = MYDOMAIN
password server = pwserver
encrypt passwords = yes
smb passwd file = /usr/local/samba/private/smbpasswd
netbios name = lindendev
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = yes
winbind cache time = 10

[main]
path = /
comment = Whole Computer
valid users = MYDOMAIN+domainuser <-----this share works
writable = yes
read only = no
browseable = yes

[temp]
path = /var/tmp
comment = Random File Space
valid users = '@Domain Users' <----also works
writable = yes
read only = no
browseable = yes

[Test]
path = /home/test
comment = Test Folder
valid users = LocalMachineUser <-----doesn't work
read only = no
writable = yes
browseable = yes


# /usr/local/samba/bin/net rpc join -S MYPDC -U Administrator
Password:
Joined domain MYDOMAIN

#wbinfo -m
LOCALMACHINE
BUILTIN
<-----doesn't show MYDOMAIN even though I've joined it

#wbinfo -g
BUILTIN+System Operators
BUILTIN+Replicators
BUILTIN+Guests
BUILTIN+Power Users
BUILTIN+Print Operators
BUILTIN+Administrators
BUILTIN+Account Operators
BUILTIN+Backup Operators
BUILTIN+Users
Bkg Job Users <----why doesn't it show MYDOMAIN+ prefix?
Domain Admins
Domain Guests
Domain Users
Executives
International
Internet Media
Managers
Marketing
Operations
Sales

Any help is appreciated.
Cheers,
P

colinjrob 09-05-2004 07:26 AM

Looks like one of you login configuration files is not configured correctly. Post or look in your /etc/pam.d/login file. You may find that it is configured to only winbind authentications. login configures the authentication of Linux logins for Shell text only style logins. On my RH9 system I have to also configure the /etc/pam.d/gdm file which is the Gnome login screen configuration.

Here's a copy of my Login and gdm files respectively. Hope this helps :-)

#%PAM-1.0 login
auth required pam_securetty.so
auth required pam_nologin.so
auth sufficient pam_winbind.so
auth required pam_unix.so use_first_pass

account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_mkhomedir.so umask=077
session optional pam_console.so
----------------------------------------------------------------------------
#%PAM-1.0 gdm
auth required pam_nologin.so
auth required pam_env.so
auth sufficient pam_winbind.so
auth required pam_unix.so use_first_pass

account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_mkhomedir.so skel=/etc/skel umask=077
session optional pam_console.so


All times are GMT -5. The time now is 01:17 PM.