From owner-freebsd-questions@FreeBSD.ORG Thu May 22 13:47:12 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C5EB9106566C for ; Thu, 22 May 2008 13:47:12 +0000 (UTC) (envelope-from sdafreebsduk@rowyerboat.com) Received: from brookes.ac.uk (csmail1.brookes.ac.uk [161.73.1.23]) by mx1.freebsd.org (Postfix) with ESMTP id 5CC3B8FC12 for ; Thu, 22 May 2008 13:47:11 +0000 (UTC) (envelope-from sdafreebsduk@rowyerboat.com) Received: from [161.73.146.9] (izb6d318.brookes.ac.uk [161.73.146.9]) (authenticated bits=0) by brookes.ac.uk (8.14.2/8.14.2) with ESMTP id m4MDl4Lf014358 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 22 May 2008 14:47:06 +0100 (BST) Message-ID: <48357959.1080508@rowyerboat.com> Date: Thu, 22 May 2008 14:47:05 +0100 From: Stephen Allen User-Agent: Thunderbird 2.0.0.14 (Windows/20080421) MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-MailScanner-Information: Oxford Brookes University MailScanner X-MailScanner: Clean X-MailScanner-From: sdafreebsduk@rowyerboat.com X-Spam-Status: No Subject: Samba/Winbind/nsswitch problem X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2008 13:47:12 -0000 Hello, I've installed and configured samba with winbind, to allow Windows Active Directory users to login without me having to create a local account for them. Generally speaking, it works (I can login, wbinfo -u|-g returns the correct data). I can login as a Windows user through ssh, and am using the pam_mkhomedir module (which also works ok). Anyway, I've got 2 questions/problems... (1) Whenever I restart samba, syslog receives messages like these below. auth/auth_util.c:create_builtin_administrators(792) create_builtin_administrators: Failed to create Administrators auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users auth/auth_util.c:create_builtin_administrators(792) create_builtin_administrators: Failed to create Administrators auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users (2) If I use the "winbind enum users|groups = Yes" options, syslog receives messages like these below (hundreds of them... every few mins). nsswitch/winbindd_group.c:winbindd_getgrent(1110) could not lookup domain group department (maths) nsswitch/winbindd_group.c:winbindd_getgrent(1110) could not lookup domain group department (mecheng) Can anyone help please? Many thanks, Steve :) ======================== SOME NOTES ON MY CONFIG: ======================== FreeBSD 7.0-RELEASE amd64 samba-3.0.28a,1 root@bax ~ $ testparm -s Load smb config files from /usr/local/etc/smb.conf Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER [global] workgroup = TECHNOLOGY security = DOMAIN allow trusted domains = No syslog only = Yes load printers = No printcap name = /dev/null ldap ssl = no idmap domains = TECHNOLOGY template shell = /usr/local/bin/bash winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes idmap config TECHNOLOGY:range = 10000-20000 idmap config TECHNOLOGY:backend = rid root@bax ~ $ wbinfo -u | wc -l 2944 root@bax ~ $ wbinfo -g | wc -l 117 root@bax ~ $ cat /etc/nsswitch.conf group: files winbind group_compat: files nis hosts: files dns networks: files passwd: files winbind passwd_compat: files nis shells: files services: files services_compat: files nis protocols: files rpc: files