Find the answer to your Linux question:
Results 1 to 2 of 2
I'm trying to get a RHEL 5.4 base system to authenticate against a W2K8 domain With the stock samba-3.0.33, I can use wbinfo and getent just fine, but I cannot ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie jnojr's Avatar
    Join Date
    Sep 2007
    Location
    San Diego, CA
    Posts
    117

    Samba 3.0.33 (sorta) works, 3.5.4 doesn't


    I'm trying to get a RHEL 5.4 base system to authenticate against a W2K8 domain

    With the stock samba-3.0.33, I can use wbinfo and getent just fine, but I cannot actually authenticate. Googling finally led to a bug that strongly suggests that 3.0.33 cannot and will never be able to authenticate against W2K8, so I installed samba3x-3.5.4 Now, I cannot even join the domain. I get:

    Failed to join domain: failed to lookup DC info for domain 'MY.DOMAIN' over rpc: Invalid workstation

    Googling on that isn't turning up much of anything.

    net ads status seems to work just fine.

    /var/log/samba/log.winbindd says "Could not fetch our SID - did we join?" and "unable to initialize domain list"

  2. #2
    Linux Newbie jnojr's Avatar
    Join Date
    Sep 2007
    Location
    San Diego, CA
    Posts
    117
    Some smb.conf entries that are helping me make progress!

    # deal with NSS and the whole UID/SID id mapping stuff
    idmap backend = tdb
    idmap uid = 2000000 - 2999999
    idmap gid = 2000000 - 2999999
    idmap config MYDOMAIN : backend = ad
    idmap config MYDOMAIN : schema_mode = rfc2307
    idmap config MYDOMAIN : readonly = yes
    idmap config MYDOMAIN : range = 500 - 1999999
    idmap cache time = 604800
    idmap negative cache time = 20
    winbind cache time = 600
    winbind nss info = rfc2307
    winbind expand groups = 2
    winbind nested groups = yes
    winbind use default domain = yes
    winbind enum users = yes
    winbind enum groups = yes
    winbind refresh tickets = yes
    winbind offline logon = false

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •