From owner-freebsd-current@FreeBSD.ORG Thu Jan 29 06:17:41 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0EE0E16A4CF; Thu, 29 Jan 2004 06:17:41 -0800 (PST) Received: from bragi.housing.ufl.edu (bragi.housing.ufl.edu [128.227.47.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4300043D55; Thu, 29 Jan 2004 06:17:36 -0800 (PST) (envelope-from WillS@housing.ufl.edu) content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Date: Thu, 29 Jan 2004 09:17:33 -0500 Message-ID: <0E972CEE334BFE4291CD07E056C76ED8CBBE2A@bragi.housing.ufl.edu> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: nss_winbind support Thread-Index: AcPmb9gFMWAwVbJySMuoqFm/CTHtKQAACK2w From: "Will Saxon" To: "Jacques A. Vidrine" cc: Tim Aslat cc: current@freebsd.org Subject: RE: nss_winbind support X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jan 2004 14:17:41 -0000 >=20 > I haven't been following this thread, but the above > information does not seem correct. If the Samba port is built > WITH_WINBIND_NSS, then the NSS module will be correctly installed as > `/usr/local/lib/nss_windbind.so.1'. >=20 > What problem exactly are you having? After installation of the port (net/samba-devel) those modules were not installed, although I did not try the option you mentioned since it does not exist in the port Makefile v1.98 that I have. It does exist for=20 the net/samba 2.2.8 port. Originally when copying the modules by hand I was not able to resolve domain users or groups with the pw utility nor was I able to set user or group permissions on directories. The /var/log/debug.log file = contained several line like 'NSSWITCH(nss_method_lookup): winbind, group, = getgrent_r,=20 not found' and similar. Looking through some samba mailing list archives suggests that they did not implement nsswitch stuff for freebsd exactly correctly, but this has = been fixed in the CVS tree. After compiling the latest CVS as of yesterday afternoon and copying the nss modules over to /usr/lib I was able to set permissions for domain users and groups using chown and I am able to look at group information using the pw utility (pw group show DOMAIN+name. Trying to resolve users in this fashion results in 'pw: invalid character `+` at position 6 in userid/group name' I am still getting lots of the NSSWITCH errors in my debug.log, if that makes a difference. Today I am going to try to get some shares set up that work. I shared out a directory with permissions set to 1755 for my domain user and = group.=20 I was able to access the directory but I was not able to write to it. I've never really used samba for anything before and certainly not using ADS authentication and winbind, so please if I am just completely = missing the point somewhere let me know. -Will