Samba and winbind strange thing

UnixFan12, Jan 3 2014

I use a Windows 2003 AD server; the clients are Linux, Unix (HP-UX, Solaris 10, Solaris 11) and of course some Windows.

To obtain a unique UID and GID for shared directories, I use an additional LDAP server (OpenLDAP on a Linux server) which converts the Windows SID into a Unix UID/GID, unique for users and groups; the LDAP server is used by the Samba idmap "plugin".

The problem is that the Solaris 11 and HP-UX clients work very badly!

Solaris 10 and Linux work fine.

Does anyone know if this is a bug in Samba?

My configuration on Solaris 11 (Solaris 10 has the same configuration):

[global]
        workgroup = MYDOMAIN
        realm = MYDOMAIN.PRIVATE
        server string = ""
        netbios name = SOLARIS11
        security = ads
        client NTLMv2 auth = yes
        kerberos method = secrets and keytab
        hosts allow = 192.168.0.0/24 127.0.0.1
        debug level = 1
        log file = /var/samba/log/%m.log
        max log size = 5
        log level = 1
        syslog = 0
        utmp = Yes
        template shell = /usr/bin/bash
        template homedir = /export/home/%U
        winbind separator = /
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = yes
        encrypt passwords = yes
        invalid users = root
        socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        local master = no
        domain master = no
        dns proxy = no
        preserve case = yes
        short preserve case = no
        default case = lower
        case sensitive = no
        dos charset = cp850
        unix charset = iso8859-1
        map to guest = never
        restrict anonymous = 2
        hide dot files = yes
        server signing = yes
        ldap ssl = off
#idmap
        idmap config * : backend      = ldap
        idmap config * : range        = 10000-20000
        idmap config * : ldap_url     = ldap://linuxserver
        idmap config * : ldap_base_dn = ou=idmap,dc=ldap1,dc=mydomain,dc=private
        idmap config * : ldap_user_dn = cn=Manager,dc=ldap1,dc=mydomain,dc=private

The problem on Solaris 11 (and HP-UX):

net ads join OK
net idmap store '*' secret OK
wbinfo -g OK
wbinfo -u OK
wbinfo -i user OK
id user OK

After reboot:

wbinfo -i user returns an error (wbinfo ERR domain not avaliable)
wbinfo -u OK
wbinfo -g OK

On HP-UX I found a "fix": I delete the winbind cache on every reboot (sic!) and it works.

On Solaris 11 this doesn't work.

Does anyone know a fix?

Thanks
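
An added example, not part of the original post: a small check that reads the idmap lines of an smb.conf like the one above and reports which idmap LDAP backends bind and look up SID-to-UID/GID mappings without TLS. The function names `parse_global` and `audit_idmap_ldap` are hypothetical, the sample is copied from the posted configuration, and the check assumes the smb.conf(5) default of `ldap ssl = start tls` when the parameter is unset.

```python
import re

# Lines copied from the [global] section posted above.
SAMPLE = """\
[global]
        ldap ssl = off
        idmap config * : backend      = ldap
        idmap config * : range        = 10000-20000
        idmap config * : ldap_url     = ldap://linuxserver
        idmap config * : ldap_base_dn = ou=idmap,dc=ldap1,dc=mydomain,dc=private
        idmap config * : ldap_user_dn = cn=Manager,dc=ldap1,dc=mydomain,dc=private
"""

def parse_global(text):
    """Return (params, idmap) from the [global] section of an smb.conf."""
    params, idmap, section = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        m = re.match(r"idmap\s+config\s+(\S+)\s*:\s*(\S+)$", key, re.I)
        if m:
            idmap.setdefault(m.group(1), {})[m.group(2).lower()] = value
        else:
            # Samba ignores case and whitespace in parameter names.
            params[re.sub(r"\s+", "", key).lower()] = value
    return params, idmap

def audit_idmap_ldap(text):
    """List idmap domains whose LDAP bind and lookups travel unencrypted."""
    params, idmap = parse_global(text)
    # Assumption from smb.conf(5): "ldap ssl" defaults to "start tls" if unset.
    starttls = params.get("ldapssl", "start tls").lower() in ("start tls", "start_tls")
    findings = []
    for domain, opts in idmap.items():
        url = opts.get("ldap_url", "")
        cleartext = not url.lower().startswith("ldaps://") and not starttls
        if opts.get("backend", "").lower() == "ldap" and cleartext:
            findings.append((domain, url, opts.get("ldap_user_dn", "(anonymous)")))
    return findings

if __name__ == "__main__":
    print(audit_idmap_ldap(SAMPLE))
```

For the posted configuration it reports the `*` domain, because `ldap ssl = off` is combined with an `ldap://` URL, so the bind as `cn=Manager,...` is sent in the clear.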

Locked on Jan 31 2014
Added on Jan 3 2014