Portál AbcLinuxu, 4. listopadu 2025 21:28
GLOBAL PARAMETERS
[global]
workgroup = EOSKSICZ
realm = EOSKSICZ.NET
preferred master = no
security = ADS
encrypt passwords = yes
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = No
winbind nested groups = Yes
winbind separator = /
winbind nss info = rfc2307
passdb backend = tdbsam
idmap config CENTAURA:schema_mode = rfc2307
idmap backend = ad
idmap uid = 100-20000000
idmap gid = 100-20000000
#Zakazani podpory tiskaren
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
######################################
[shares]
comment = Spolecny adresar1
path = /home/data1
valid users = @"EOSKSICZ/Domain Users"
read only = no
create mask = 2666
directory mask = 2777
----------------------------------------------------------
moje nssswitch.conf
passwd: compat winbind
group: compat winbind
shadow: compat
hosts: files dns wins
ethers: db files
netmasks: files
networks: files dns
protocols: db files
rpc: files
services: files
netgroup: files
publickey: nisplus
automount: files
aliases: files nisplus
-------------------------------------------------
toto mi pise do logu /var/log/samba/winbindd.log
[2008/07/22 09:33:06, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(85)
error getting user id for sid S-1-5-21-3144250970-348212425-3898695356-2350
[2008/07/22 09:33:06, 1] nsswitch/winbindd_user.c:winbindd_getpwent(728)
could not lookup domain user CZ0003
[2008/07/22 09:33:06, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(613)
Could not get unix ID
Dokaze mi nekdo, prosim poradit kudy dal? Predem diky za pomoc
cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EOSKSICZ.NET
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes
[realms]
EOSKSICZ.NET = {
kdc = eosprdc01.eosksicz.net:88
kdc = eosprdc01.eosksicz.net
kdc = eosprdc01.eosksicz.net
admin_server = eosprdc01.eosksicz.net:749
default_domain = eosksicz.net
kdc = eosprdc01.eosksicz.net
}
[domain_realm]
.eosksicz.net = EOSKSICZ.NET
eosksicz.net = EOSKSICZ.NET
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
Ale predpokladam, ze kerberos funguje, protoze masinu mam do odmeny pridanou a prikazem net ads join - U USERNAME me overi.
[root@eosprpx02 ~]# /sbin/service winbind status winbindd (pid 7371 7369) bÄžĂ... [root@eosprpx02 ~]# /sbin/service smb status smbd (pid 3416 3407) bÄžĂ... nmbd (pid 3412) bÄžĂ...
[2008/07/22 11:32:30, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(85) error getting user id for sid S-1-5-21-3144250970-348212425-3898695356-3106 [2008/07/22 11:32:30, 1] nsswitch/winbindd_user.c:winbindd_getpwent(728) could not lookup domain user CZ0097 [2008/07/22 11:32:30, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(613) Could not get unix ID
net ads testjoin
/etc/nsswitch.conf a přidání pc do domény restart služeb samba a winbind?
[root@eosprpx02 ~]# whereis libnss_winbind.so libnss_winbind: /lib/libnss_winbind.so /usr/lib/libnss_winbind.so mam ji 2x tak kterou a kam? do /lib nebo do /usr/lib to Honza: [root@eosprpx02 ~]# net ads testjoin Join is OK
wbinfo -n 'DOMENA\login' a wbinfo -s "získané sid" ?
[root@eosprpx02 ~]# wbinfo -n 'EOSKSICZ/CZ0059' S-1-5-21-3144250970-348212425-3898695356-3109 User (1) [root@eosprpx02 ~]# wbinfo -s "S-1-5-21-3144250970-348212425-3898695356-3109" EOSKSICZ/cz0059 1 [root@eosprpx02 ~]#
getent passwd 'DOMENA\CZ0059'tail /var/log/samba/winbind.logtail -20 /var/log/samba/DOMENA.log (viz log file = /var/log/samba/%m.log)
[root@eosprpx02 ~]# getent passwd 'EOSKSICZ\CZ0059' [root@eosprpx02 ~]# tail /var/log/samba/winbindd.log [2008/07/22 12:32:57, 3] nsswitch/winbindd_misc.c:winbindd_info(479) [ 2965]: request misc info [2008/07/22 12:32:57, 3] nsswitch/winbindd_sid.c:winbindd_lookupname(103) [ 2965]: lookupname EOSKSICZ/CZ0059 [2008/07/22 12:33:22, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(491) [ 2966]: request interface version [2008/07/22 12:33:22, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(524) [ 2966]: request location of privileged pipe [2008/07/22 12:33:22, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(346) [ 2966]: getpwnam EOSKSICZ\CZ0059 [root@eosprpx02 ~]# tail -20 /var/log/samba/EOSKSICZ.log tail: cannot open `/var/log/samba/EOSKSICZ.log' for reading: nenĂ souborem ani adresĂĄĹem [root@eosprpx02 ~]#
[2008/07/22 12:06:29, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(85) error getting user id for sid S-1-5-21-3144250970-348212425-3898695356-3109 [2008/07/22 12:06:29, 1] nsswitch/winbindd_user.c:winbindd_getpwent(728) could not lookup domain user CZ0059 [2008/07/22 12:06:29, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(613) Could not get unix ID
[root@eosprpx02 ~]# rpm -qa|grep samba samba-client-3.0.28-1.el5_2.1 system-config-samba-1.2.39-1.el5 samba-common-3.0.28-1.el5_2.1 samba-3.0.28-1.el5_2.1
Nejde to jednoduse nejak odinstalovat a naistalovat znova? Z nejakeho balicku? nebo je prekompilace jednoducha?
Tiskni
Sdílej:
ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.