ein_mann_betrieb
asked on
Samba Winbind wbinfo -u fails with "Error looking up domain users"
Dear Experts...
This one is driving me nuts. I have samab with winbind setup and have proceeded to setup samba, setup kerberos, and join the Active Directory. I can use the kinit and kpasswd tools to check/change passwords on the Active Directory. Everything seems to be going smooth until wbinfo -u. Then I get "Error looking up domain users".
net rpc join -U Administrator reports a sucessful join.
Active Directory shows the unix server's computer account
wbinfo -t reports sucess
wbinfo -g reports BuiltIn groups only
------------------ smb.conf --------------------------
workgroup = Sample
netbios name = Server2
os level = 20
realm = EXAMPLE.COM
server string = File Server (Samba)
security = ADS
encrypt passwords = Yes
template shell = /bin/bash
template homedir = /home/%U
template primary group = "Domain Users"
idmap uid = 1000-2000
idmap gid = 1000-2000
winbind uid = 1000-2000
winbind gid = 1000-2000
winbind separator = +
winbind cache time = 10
winbind use default domain = Yes
winbind nested groups = Yes
winbind enum users = Yes
winbind enum groups = Yes
username level = 5
log level = 1
log file = /var/log/samba/%m
min protocol = LANMAN2
name resolve order = host wins lmhosts
getwd cache = No
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=16384 SO_SNDBUF=16384
load printers = No
logon script = \\server1\netlogon\logon.b
logon drive = X:
lm announce = No
preferred master = No
local master = No
domain master = No
wins server = server1.example.com
ldap ssl = No
read only = No
create mask = 0660
directory mask = 0770
inherit permissions = Yes
inherit acls = Yes
csc policy = disable
--------------------------
OS: RedHat EL 3
Samba: Version 3.0.9-1.3E.3
What is up with this? From what I recall I followed the exact same proceedures for another setup and it worked just fine.
I really need this soon. Thanks!! -Cheers, Peter.
This one is driving me nuts. I have samab with winbind setup and have proceeded to setup samba, setup kerberos, and join the Active Directory. I can use the kinit and kpasswd tools to check/change passwords on the Active Directory. Everything seems to be going smooth until wbinfo -u. Then I get "Error looking up domain users".
net rpc join -U Administrator reports a sucessful join.
Active Directory shows the unix server's computer account
wbinfo -t reports sucess
wbinfo -g reports BuiltIn groups only
------------------ smb.conf --------------------------
workgroup = Sample
netbios name = Server2
os level = 20
realm = EXAMPLE.COM
server string = File Server (Samba)
security = ADS
encrypt passwords = Yes
template shell = /bin/bash
template homedir = /home/%U
template primary group = "Domain Users"
idmap uid = 1000-2000
idmap gid = 1000-2000
winbind uid = 1000-2000
winbind gid = 1000-2000
winbind separator = +
winbind cache time = 10
winbind use default domain = Yes
winbind nested groups = Yes
winbind enum users = Yes
winbind enum groups = Yes
username level = 5
log level = 1
log file = /var/log/samba/%m
min protocol = LANMAN2
name resolve order = host wins lmhosts
getwd cache = No
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=16384 SO_SNDBUF=16384
load printers = No
logon script = \\server1\netlogon\logon.b
logon drive = X:
lm announce = No
preferred master = No
local master = No
domain master = No
wins server = server1.example.com
ldap ssl = No
read only = No
create mask = 0660
directory mask = 0770
inherit permissions = Yes
inherit acls = Yes
csc policy = disable
--------------------------
OS: RedHat EL 3
Samba: Version 3.0.9-1.3E.3
What is up with this? From what I recall I followed the exact same proceedures for another setup and it worked just fine.
I really need this soon. Thanks!! -Cheers, Peter.
ASKER
Yes... The wins server is also the PDC.
It is denoted in the line "wins server = server1.example.com"
But there is also a line entry in the hosts file to resolve the PDC's IP address.
I did ping communication tests between the servers with both the FQDN and abreviated name and all worked fine.
It is denoted in the line "wins server = server1.example.com"
But there is also a line entry in the hosts file to resolve the PDC's IP address.
I did ping communication tests between the servers with both the FQDN and abreviated name and all worked fine.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@$#%#@$!!!!
Ok... I was very stupid...
My /etc/hosts entries were wrong and I didn't check them since I was able to join the domain and ping the server.
I forgot to include the short name of the server in the hosts file instead of just the fqdn. That is why it was junking out.
Thanks for the memory jog gheist. I am feeling very stuipd at this point. :-P
Thanks again! Cheers, Peter.
Ok... I was very stupid...
My /etc/hosts entries were wrong and I didn't check them since I was able to join the domain and ping the server.
I forgot to include the short name of the server in the hosts file instead of just the fqdn. That is why it was junking out.
Thanks for the memory jog gheist. I am feeling very stuipd at this point. :-P
Thanks again! Cheers, Peter.
It needs IP address by your resolve order...