Hey all,
I have got a problem with getting samba to work right for me. I am not a complete newbie, however files concerning security (like the pam files and nsswitch.conf) is not my strongest point
What i done so far is edit the smb.conf to my likings and i added the linux server to my PDC. That part went fine, however i wanted to use the group names from the NT domain for secutiry within the smb.conf (Valid used @groupname). So i read in some documents i found on the internet that i had to use winbind. I followed all steps according to document :
de.samba.org/samba/docs/man/winbindd.8.html
I edited the /etc/nsswitch.conf file and the /etc/pam.d/samba file with the changes mentioned in the document mentioned above.
When i start the winbindd (from /etc/rc.d/init.d/winbindd start) i see in the /etc/log/samba/log.winbindd the following :
[2004/01/19 10:23:14, 0] param/loadparm.c:map_parameter(2065)
Unknown parameter encountered: "idmap uid"
[2004/01/19 10:23:14, 0] param/loadparm.c:lp_do_parameter(2740)
Ignoring unknown parameter "idmap uid"
[2004/01/19 10:23:14, 0] param/loadparm.c:map_parameter(2065)
Unknown parameter encountered: "idmap gid"
[2004/01/19 10:23:14, 0] param/loadparm.c:lp_do_parameter(2740)
Ignoring unknown parameter "idmap gid"
[2004/01/19 10:23:15, 0] nsswitch/winbindd_util.c:winbindd_param_init(326)
winbind uid range missing or invalid
When i try the wbinfo -u command i get : Error looking up domain users.
My /etc/pam.d/samba looks like this atm :
#%PAM-1.0
#auth required pam_nologin.so
#auth required pam_stack.so service=system-auth
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok
#account required pam_stack.so service=system-auth
account required /lib/security/pam_winbind.so
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
My /etc/nsswitch.conf looks like this atm :
passwd: files winbind
shadow: files
group: files winbind
hosts: files nisplus dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files nisplus
rpc: files
services: files nisplus
netgroup: files nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
Anymore info i got has to do with the winbindd .. it doesnt seem to start oke, i can constandly start it and start it ..when i try to stop the service i get an error .. so there is something wrong in there .. i just cant fingure out what it is.
The erros i mentioned above from the log.winbindd with the unknown parameter he probably gets from my smb.conf file. According to the document i mentioned above you had to add a few lines to the smb.conf :
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind seperator = +
winbind enum users = yes
winbind enum groups = yes
Thats all the info i can think off right now to give you all .. i really would appriciate some help since im stuck atm.
Thanx in advance for replying, If the smb.conf file is needed in this thread then pls let me know.
With best regards,
rizza