Re: Fedora 10 winbindd core dump

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2009-01-22 at 17:03 -0800, Peter J. Stieber wrote:

> Even if I have a configuration problem, I shouldn't expect the core dump 
> should I?
----
a core dump is rather drastic
----
> Here's the result of 'testparm -s'...
> 
> Load smb config files from /etc/samba/smb.conf
> Processing section "[IsrAlgorithmData]"
> Loaded services file OK.
> WARNING: You have some share names that are longer than 12 characters.
> These may not be accessible to some older clients.
> (Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)
> Server role: ROLE_DOMAIN_MEMBER
> [global]
> 	workgroup = TOYON
> 	server string = Samba Server Version %v
> 	interfaces = lo, eth1
> 	security = DOMAIN
> 	username map = /etc/samba/DomainToLocalMapping.txt
> 	log file = /var/log/samba/log.%m
> 	max log size = 50
> 	idmap domains = TOYON
> 	idmap alloc backend = tdb
> 	idmap alloc config:range = 5000-9999
> 	idmap config TOYON:range = 10000-300000000
> 	idmap config TOYON:readonly = yes
> 	idmap config TOYON:backend = ad
> 	hosts allow = 127., 172.16.1., 172.17.0., 172.21.0., 192.168.120., 
> 192.168.110.
> 
> [IsrAlgorithmData]
> 	comment = ISR Algorithm Data
> 	path = /media/bigdisk
> 	valid users = +users
> 	read only = No
> 	create mask = 0770
> 	force create mode = 060
> 	directory mask = 0770
> 	force directory mode = 060
> 	guest ok = Yes
> 
> 
> Am I "missing an idmap configuration option that maps the other windows 
> domain controller that is providing the account information (login 
> name/password) to a local 'home' directory."
----
nope but configuration surely is a problem.

security = DOMAIN

that's for a Windows NT type of DOMAIN not Active Directory. You should
be security = ADS but I'm guessing that you are trying to skirt the
issues of kerberos and keytabs, etc. but that ain't gonna work.

You really need to read through the samba documentation to get you
there...

http://samba.org/samba/docs/man/Samba-Guide/unixclients.html#adssdm

should probably be enough to get you through it.

I gather that you haven't the ability to get a user list...
'getent passwd'
or a group list...
'getent group'

that includes the Windows AD users and groups and until that happens,
samba doesn't have a chance.

you will probably also need to ensure that nsswitch.conf ultimately
includes winbindd for 'passwd' and 'group' and /etc/ldap.conf for the
rest of the attributes but definitely the samba documentation above
should get you started on the right path.

Craig

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux