Web lists-archives.com

Re: [Samba] Domain member server: user access




Arg.. 

wbinfo --gid-info=100 
DC:  Confirmed, DOMAIN\Domain Users

Member: Fail. 
failed to call wbcGetgrgid: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for gid 100 

But both server show the same with  : 
wbinfo -n "NTDOM\domain users" 

So imho, report bug if Rowland can confirm this with a samba from source. 


Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> Stefan G. Weichinger via samba
> Verzonden: maandag 25 september 2017 16:40
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: Re: [Samba] Domain member server: user access
> 
> Am 2017-09-25 um 16:29 schrieb Rowland Penny via samba:
> 
> >> DC # samba-tool user create kamleitnerl Le26xxx 
> >> --nis-domain=arbeitsgruppe --unix-home=/home/kamleitnerl 
> >> --uid-number=10070 --login-shell=/bin/false --gid-number=100
> >>
> > 
> > Where did you get the GID '100' from ?
> > Is this the gidNumber for Domain Users ?
> 
> I think so:
> 
> # wbinfo --gid-info=100
> ARBEITSGRUPPE\domain users:x:100:
> 
> ?
> 
> > Can you please post the smb.conf from the DC and DM.
> 
> Sure. We had both in an earlier thread, btw, but here again:
> 
> DC:
> 
> # samba-tool testparm
> Press enter to see a dump of your service definitions
> 
> # Global parameters
> [global]
> 	netbios name = BACKUP
> 	realm = ARBEITSGRUPPE.MY.TLD
> 	workgroup = ARBEITSGRUPPE
> 	dns forwarder = 10.0.0.254
> 	server role = active directory domain controller
> 	idmap_ldb:use rfc2307 = yes
> 
> [netlogon]
> 	path = /var/lib/samba/sysvol/arbeitsgruppe.my.tld/scripts
> 	read only = No
> 
> [sysvol]
> 	path = /var/lib/samba/sysvol
> 	read only = No
> 
> DM:
> 
> # testparm -s
> Load smb config files from /etc/samba/smb.conf
> rlimit_max: increasing rlimit_max (1024) to minimum Windows 
> limit (16384) Processing section "[Daten]"
> Processing section "[Scans_Plotter]"
> Loaded services file OK.
> 
> Server role: ROLE_DOMAIN_MEMBER
> 
> # Global parameters
> [global]
> 	realm = ARBEITSGRUPPE.MY.TLD
> 	workgroup = ARBEITSGRUPPE
> 	log file = /var/log/samba/%m.log
> 	load printers = No
> 	printcap name = /dev/null
> 	security = ADS
> 	username map = /etc/samba/user.map
> 	winbind nss info = rfc2307
> 	winbind refresh tickets = Yes
> 	winbind use default domain = Yes
> 	idmap config arbeitsgruppe:schema_mode = rfc2307
> 	idmap config arbeitsgruppe:range = 10000-9999999
> 	idmap config arbeitsgruppe:backend = ad
> 	idmap config * : range = 2000-2999
> 	idmap config * : backend = tdb
> 
> ...
> 
> thx, Stefan
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba