Fedora 10 winbindd core dump
Craig White
craigwhite at azapple.com
Fri Jan 23 02:13:28 UTC 2009
On Thu, 2009-01-22 at 17:03 -0800, Peter J. Stieber wrote:
> Even if I have a configuration problem, I shouldn't expect the core dump
> should I?
----
a core dump is rather drastic
----
> Here's the result of 'testparm -s'...
>
> Load smb config files from /etc/samba/smb.conf
> Processing section "[IsrAlgorithmData]"
> Loaded services file OK.
> WARNING: You have some share names that are longer than 12 characters.
> These may not be accessible to some older clients.
> (Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)
> Server role: ROLE_DOMAIN_MEMBER
> [global]
> workgroup = TOYON
> server string = Samba Server Version %v
> interfaces = lo, eth1
> security = DOMAIN
> username map = /etc/samba/DomainToLocalMapping.txt
> log file = /var/log/samba/log.%m
> max log size = 50
> idmap domains = TOYON
> idmap alloc backend = tdb
> idmap alloc config:range = 5000-9999
> idmap config TOYON:range = 10000-300000000
> idmap config TOYON:readonly = yes
> idmap config TOYON:backend = ad
> hosts allow = 127., 172.16.1., 172.17.0., 172.21.0., 192.168.120.,
> 192.168.110.
>
> [IsrAlgorithmData]
> comment = ISR Algorithm Data
> path = /media/bigdisk
> valid users = +users
> read only = No
> create mask = 0770
> force create mode = 060
> directory mask = 0770
> force directory mode = 060
> guest ok = Yes
>
>
> Am I "missing an idmap configuration option that maps the other windows
> domain controller that is providing the account information (login
> name/password) to a local 'home' directory."
----
nope but configuration surely is a problem.
security = DOMAIN
that's for a Windows NT type of DOMAIN not Active Directory. You should
be security = ADS but I'm guessing that you are trying to skirt the
issues of kerberos and keytabs, etc. but that ain't gonna work.
You really need to read through the samba documentation to get you
there...
http://samba.org/samba/docs/man/Samba-Guide/unixclients.html#adssdm
should probably be enough to get you through it.
I gather that you haven't the ability to get a user list...
'getent passwd'
or a group list...
'getent group'
that includes the Windows AD users and groups and until that happens,
samba doesn't have a chance.
you will probably also need to ensure that nsswitch.conf ultimately
includes winbindd for 'passwd' and 'group' and /etc/ldap.conf for the
rest of the attributes but definitely the samba documentation above
should get you started on the right path.
Craig
More information about the fedora-list
mailing list