From owner-freebsd-questions@FreeBSD.ORG Wed Jan 31 19:50:05 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 48E5216A40A for ; Wed, 31 Jan 2007 19:50:05 +0000 (UTC) (envelope-from hadyn_whx@hotmail.com) Received: from bay0-omc1-s19.bay0.hotmail.com (bay0-omc1-s19.bay0.hotmail.com [65.54.246.91]) by mx1.freebsd.org (Postfix) with ESMTP id 24ABF13C4BC for ; Wed, 31 Jan 2007 19:50:05 +0000 (UTC) (envelope-from hadyn_whx@hotmail.com) Received: from hotmail.com ([64.4.61.75]) by bay0-omc1-s19.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Wed, 31 Jan 2007 11:38:05 -0800 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 31 Jan 2007 11:38:05 -0800 Message-ID: Received: from 74.12.184.216 by BAY102-DAV3.phx.gbl with DAV; Wed, 31 Jan 2007 19:38:02 +0000 X-Originating-IP: [74.12.184.216] X-Originating-Email: [hadyn_whx@hotmail.com] X-Sender: hadyn_whx@hotmail.com Date: Wed, 31 Jan 2007 14:37:19 -0500 From: Alex Wang To: freebsd-questions@freebsd.org Message-Id: <20070131142242.9A95.HADYN_WHX@hotmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.29 [en] X-OriginalArrivalTime: 31 Jan 2007 19:38:05.0094 (UTC) FILETIME=[53ADE460:01C7456F] Subject: samba 3.0.23d can't get work X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jan 2007 19:50:05 -0000 Hi All I upgrade samba from 3.0.22 to 3.0.23d through port tree. After that the samba server stop working. I can run wbinfo -u and wbinfo -g to get user/group list. i can run wbinfo -a username%password and get plaintext password authentication succeeded challenge/response password authentication succeeded I use net ads join to my domain. The "net groupmap list" shows Administrators (S-1-5-32-544) -> 502 Users (S-1-5-32-545) -> 503 But not full domain user list. Same configuration was working under 3.0.22. I heard the 3.0.23 changed a lot in the winbind mapping... But anyone can help me out? Following are config file list. smb.conf [global] workgroup = TEST realm = TEST.COM server string = Samba Server security = ADS allow trusted domains = No password server = dc syslog only = Yes log level =3 log file = /var/log/samba/smb.log max log size = 50 dns proxy = No wins server = 192.168.0.10 passdb expand explicit = No idmap backend = rid:TEST=1000-20000 idmap uid = 1000-20000 idmap gid = 1000-20000 template homedir = /usr/samba/%U template shell = /bin/sh winbind cache time = 3600 winbind use default domain = Yes winbind nested groups = Yes winbind enum users = Yes winbind enum groups = Yes hosts allow = 192.168.0. [Test] path = /usr/samba read only = No [Software] comment = Application path = /usr/samba/software valid users = @"Domain Users",@"Domain Admins" read only = Yes write list = @"Domain Admins" create mode = 0777 directory mode = 0777 nsswitch.conf group: files winbind group_compat: nis hosts: files dns networks: files passwd: files winbind passwd_compat: nis shells: files shadow: files winbind krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = TEST.COM dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes [realms] STEELCARE.COM = { kdc = dc.test.com admin_server = dc.test.com default_domain = test.com } [domain_realms] .kerberos.server = TEST.COM .steelcare.com = TEST.COM [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } Thanks a lot Alex