Discussion:
/usr/local/samba/sbin/winbindd broken?
(too old to reply)
Rowland Penny
2012-08-29 14:51:25 UTC
Permalink
Hi,
As some of you may know, I have been testing nmbd,smbd & winbindd from
Samba 4 as a client.
Well, after a good bit of testing and scratching of head, I have come to
the conclusion that something in the /usr/local/samba/sbin/winbindd
daemon is broken.

If, on a Samba 3.6.3 client, I type the command 'getent group', I only
get the local users, on the Samba 4 client I get the local users plus
ALL the domain groups, but all the info is the domain info not the POSIX
info, for example:

domain_admins:x:1117:administrator

On the S3 client 'getent group Domain\ Computers' returns nothing
because 'Domain Computers' is not a POSIX group, but on the S4 client
'getent group Domain\ Computers' returns:

domain_computers:x:1114:

With 'getent passwd rowland' it is just the same, samba4 client returns:

rowland:*:1105:1103:rowland:/home/HOME/rowland:/bin/bash

This is what the S3 client returns:

rowland:*:3000016:3000012:rowland:/home/HOME/linuxusers/rowland:/bin/bash

A bit different isn't it? and the S3 client returns the same info that
the samba4 server does

This is what is in the smb.conf on both clients:

winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind expand groups = 4
winbind nss info = rfc2307
winbind refresh tickets = Yes
winbind offline logon = yes
winbind normalize names = Yes
idmap config HOME:schema_mode = rfc2307
idmap config HOME:range = 20000-3100000
idmap config HOME:backend = ad
idmap config *:range = 1100-2000
idmap config *:backend = tdb

I have created the symlink to libnss_winbind.so.2, I get nothing without
this, I have also altered nsswitch.conf.

My feelings are that, winbindd on a samba4 client is ignoring the first
three idmap lines, but I do not know how to confirm this.

So, unless the idea is to move to just using ms domain info and
forgetting POSIX, I think that /usr/local/samba/sbin/winbindd is broken,
unless somebody has any other suggestions that I can try?

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
steve
2012-08-29 15:13:22 UTC
Permalink
Post by Rowland Penny
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind expand groups = 4
winbind nss info = rfc2307
winbind refresh tickets = Yes
winbind offline logon = yes
winbind normalize names = Yes
idmap config HOME:schema_mode = rfc2307
idmap config HOME:range = 20000-3100000
idmap config HOME:backend = ad
idmap config *:range = 1100-2000
idmap config *:backend = tdb
Hi Rowland.
It took me a long time to work this one out and without Géza I'd never
have got it. Here's as plain an explanation as I can manage.

This smb.conf will work only for the S3 client. None of this is valid
nor understood by Samba4. All you need on the S4 client (under [global]) is:
idmap_ldb:use rfc2307 = Yes
Delete what you have and replace it simply with that one line.

Let us know it it now maps OK. Oh, I think you have to restart Samba4
for it to re-read the smb.conf.

HTH
Steve
steve
2012-08-29 15:23:43 UTC
Permalink
. . .Forgot to say,
idmap_ldb:use rfc2307 = Yes
only pulls uidNumber and gidNumber from AD

If you want the S4 client to pull everything, including unixomeDirectory
and loginShell, then you have to use e.g. nss-pam-ldapd. And change
nsswitch to:
passwd: files ldap
group: files ldap

It works great and makes winbindd look like snail mail:) I have the
config on my blog.

Cheers,
Steve
Rowland Penny
2012-08-29 16:07:26 UTC
Permalink
Post by steve
Post by Rowland Penny
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind expand groups = 4
winbind nss info = rfc2307
winbind refresh tickets = Yes
winbind offline logon = yes
winbind normalize names = Yes
idmap config HOME:schema_mode = rfc2307
idmap config HOME:range = 20000-3100000
idmap config HOME:backend = ad
idmap config *:range = 1100-2000
idmap config *:backend = tdb
Hi Rowland.
It took me a long time to work this one out and without Géza I'd never
have got it. Here's as plain an explanation as I can manage.
This smb.conf will work only for the S3 client. None of this is valid
nor understood by Samba4. All you need on the S4 client (under
idmap_ldb:use rfc2307 = Yes
Delete what you have and replace it simply with that one line.
Let us know it it now maps OK. Oh, I think you have to restart Samba4
for it to re-read the smb.conf.
HTH
Steve
Hi Steve, I will give it a try, but I thought this was just for the
samba4 builtin winbind, I am not using that, I am using the separate
/usr/local/samba/sbin/winbindd.

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Rowland Penny
2012-08-29 16:31:05 UTC
Permalink
Post by Rowland Penny
Post by steve
Post by Rowland Penny
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind expand groups = 4
winbind nss info = rfc2307
winbind refresh tickets = Yes
winbind offline logon = yes
winbind normalize names = Yes
idmap config HOME:schema_mode = rfc2307
idmap config HOME:range = 20000-3100000
idmap config HOME:backend = ad
idmap config *:range = 1100-2000
idmap config *:backend = tdb
Hi Rowland.
It took me a long time to work this one out and without Géza I'd
never have got it. Here's as plain an explanation as I can manage.
This smb.conf will work only for the S3 client. None of this is valid
nor understood by Samba4. All you need on the S4 client (under
idmap_ldb:use rfc2307 = Yes
Delete what you have and replace it simply with that one line.
Let us know it it now maps OK. Oh, I think you have to restart Samba4
for it to re-read the smb.conf.
HTH
Steve
Hi Steve, I will give it a try, but I thought this was just for the
samba4 builtin winbind, I am not using that, I am using the separate
/usr/local/samba/sbin/winbindd.
Rowland
Hi Steve
Sorry, no go, with just that line in smb.conf:

testparm
Load smb config files from /usr/local/samba/etc/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
idmap_ldb:use rfc2307 = Yes
idmap config * : backend = tdb <- I did not add this

So, put the top of my old smb.conf back:

testparm
Load smb config files from /usr/local/samba/etc/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions

[global]
workgroup = HOME
realm = home.lan
server string = Test Samba Server
security = ADS
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
template shell = /bin/bash
idmap_ldb:use rfc2307 = Yes
idmap config * : backend = tdb

Try and join again:

testserver ~ # net ads join -U ***@HOME.LAN
Enter ***@HOME.LAN's password:

It just sits there doing nothing (and yes, I did enter the password), I
cannot find anything in the logs on the client or the server.

So, I come back to my original statement, /usr/local/samba/sbin/winbindd
is borked!

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
steve
2012-08-29 17:46:14 UTC
Permalink
Post by Rowland Penny
Hi Steve, I will give it a try, but I thought this was just for the
samba4 builtin winbind, I am not using that, I am using the separate
/usr/local/samba/sbin/winbindd.
Rowland
Hi Rowland
Ah, I see. yes of course. I should read more carefully. You're not
running the built in winbind in samba. If you're using winbindd then I
believe that that is supposed to be the same as the winbind (that works
predictably) with S3.
Steve
steve
2012-08-29 17:54:00 UTC
Permalink
Post by Rowland Penny
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
[global]
workgroup = HOME
realm = home.lan
server string = Test Samba Server
security = ADS
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
template shell = /bin/bash
idmap_ldb:use rfc2307 = Yes
idmap config * : backend = tdb
It just sits there doing nothing (and yes, I did enter the password), I
cannot find anything in the logs on the client or the server.
So, I come back to my original statement, /usr/local/samba/sbin/winbindd
is borked!
Rowland
Hi
net ads leave first? Or had you already left?

Or how about trying:
samba-tool domain join member -UAdministrator
Cheers,
Steve
Rowland Penny
2012-08-29 18:03:12 UTC
Permalink
Post by steve
Post by Rowland Penny
Hi Steve, I will give it a try, but I thought this was just for the
samba4 builtin winbind, I am not using that, I am using the separate
/usr/local/samba/sbin/winbindd.
Rowland
Hi Rowland
Ah, I see. yes of course. I should read more carefully. You're not
running the built in winbind in samba. If you're using winbindd then I
believe that that is supposed to be the same as the winbind (that
works predictably) with S3.
Steve
Hi Steve, Hi All,

I thought that was what you thought ;-)

Yes, it works on S3, the **** thing does not work on S4.

I just wish one of the devs would explain why not.

If the plan is that S4 will replace S3 eventually, with the Samba daemon
for an AD dc and nmbd,smbd,winbindd for clients, then at the moment, the
client bit is not working.

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Rowland Penny
2012-08-29 18:19:12 UTC
Permalink
Post by steve
Post by Rowland Penny
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
[global]
workgroup = HOME
realm = home.lan
server string = Test Samba Server
security = ADS
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
template shell = /bin/bash
idmap_ldb:use rfc2307 = Yes
idmap config * : backend = tdb
It just sits there doing nothing (and yes, I did enter the password), I
cannot find anything in the logs on the client or the server.
So, I come back to my original statement, /usr/local/samba/sbin/winbindd
is borked!
Rowland
Hi
net ads leave first? Or had you already left?
samba-tool domain join member -UAdministrator
Cheers,
Steve
Hi Steve,

I am just doing what I would do and have done with S3 clients, I can
join, I can pull info with getent, I just do not get any POSIX info.

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Kai Blin
2012-08-30 07:54:46 UTC
Permalink
On 2012-08-29 16:51, Rowland Penny wrote:

Hi Rowland,
Post by Rowland Penny
As some of you may know, I have been testing nmbd,smbd & winbindd from
Samba 4 as a client.
Well, after a good bit of testing and scratching of head, I have come to
the conclusion that something in the /usr/local/samba/sbin/winbindd
daemon is broken.
Ok, just to be sure, on the S4 client, you're running smbd, nmbd and
winbindd, but not the "samba" binary?

Anything interesting in the winbind logs?

Cheers,
Ka
--
Kai Blin
Worldforge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
Rowland Penny
2012-08-30 08:55:19 UTC
Permalink
Post by Kai Blin
Hi Rowland,
As some of you may know, I have been testing nmbd,smbd& winbindd from
Samba 4 as a client.
Well, after a good bit of testing and scratching of head, I have come to
the conclusion that something in the /usr/local/samba/sbin/winbindd
daemon is broken.
Ok, just to be sure, on the S4 client, you're running smbd, nmbd and
winbindd, but not the "samba" binary?
Anything interesting in the winbind logs?
Cheers,
Ka
I am just running the three daemons:

ps ax | grep samba
2914 ? Ss 0:00 /usr/local/samba/sbin/nmbd -D
2916 ? Ss 0:00 /usr/local/samba/sbin/smbd -D
2917 ? S 0:00 /usr/local/samba/sbin/smbd -D
2919 ? Ss 0:00 /usr/local/samba/sbin/winbindd -D
2921 ? S 0:00 /usr/local/samba/sbin/winbindd -D

There is nothing in the logs apart from showing the daemons starting &
stopping. I have even looked in the logs on the server, nothing there
either.

Stop me if I am wrong, but as far as I am aware, winbind is supposed to
pull the posix info from the server database. If this is so, then
/usr/local/samba/sbin/winbindd is broken, as I only get the non-posix
info i.e. it does not work like S3 winbind.

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
steve
2012-08-30 09:18:18 UTC
Permalink
Post by Rowland Penny
Post by Kai Blin
Hi Rowland,
As some of you may know, I have been testing nmbd,smbd& winbindd from
Samba 4 as a client.
Well, after a good bit of testing and scratching of head, I have come to
the conclusion that something in the /usr/local/samba/sbin/winbindd
daemon is broken.
Ok, just to be sure, on the S4 client, you're running smbd, nmbd and
winbindd, but not the "samba" binary?
Anything interesting in the winbind logs?
Cheers,
Ka
ps ax | grep samba
2914 ? Ss 0:00 /usr/local/samba/sbin/nmbd -D
2916 ? Ss 0:00 /usr/local/samba/sbin/smbd -D
2917 ? S 0:00 /usr/local/samba/sbin/smbd -D
2919 ? Ss 0:00 /usr/local/samba/sbin/winbindd -D
2921 ? S 0:00 /usr/local/samba/sbin/winbindd -D
There is nothing in the logs apart from showing the daemons starting &
stopping. I have even looked in the logs on the server, nothing there
either.
Stop me if I am wrong, but as far as I am aware, winbind is supposed to
pull the posix info from the server database. If this is so, then
/usr/local/samba/sbin/winbindd is broken, as I only get the non-posix
info i.e. it does not work like S3 winbind.
Rowland
Hi
Just to be utterly and 100%'ly correct. As I see it: Rowland is using a
Samba4 installation as a client. He has a Samba4 DC running on another
box. He is simply trying to use winbindd on his client to extract posix
information from his Samba4 DC. As indeed he can with a Samba3 client.

So, to test Samba4 as a client, he should be able to take his smb.conf
from a Samba3 client and drop it into /usr/local/samba/etc/samba/etc,
join the domain and have it behave _exactly_ the same.

If Samba4 is a replacement for Samba3 as advertised, then his setup
proves that something is wrong with the winbindd implementation in
Samba4 as it is not pulling rfc2307 posix attributes from AD.

Always with the proviso that the samba is _not_ running on the Samba4
client but _is_ running on his DC.

Summary:
Samba4 DC: samba
Samba4 Client: smbd, nmbd, winbindd

Have I got that right?
Cheers,
Steve
Rowland Penny
2012-08-30 09:38:17 UTC
Permalink
Post by steve
Post by Rowland Penny
Post by Kai Blin
Hi Rowland,
As some of you may know, I have been testing nmbd,smbd& winbindd from
Samba 4 as a client.
Well, after a good bit of testing and scratching of head, I have
come to
the conclusion that something in the /usr/local/samba/sbin/winbindd
daemon is broken.
Ok, just to be sure, on the S4 client, you're running smbd, nmbd and
winbindd, but not the "samba" binary?
Anything interesting in the winbind logs?
Cheers,
Ka
ps ax | grep samba
2914 ? Ss 0:00 /usr/local/samba/sbin/nmbd -D
2916 ? Ss 0:00 /usr/local/samba/sbin/smbd -D
2917 ? S 0:00 /usr/local/samba/sbin/smbd -D
2919 ? Ss 0:00 /usr/local/samba/sbin/winbindd -D
2921 ? S 0:00 /usr/local/samba/sbin/winbindd -D
There is nothing in the logs apart from showing the daemons starting &
stopping. I have even looked in the logs on the server, nothing there
either.
Stop me if I am wrong, but as far as I am aware, winbind is supposed to
pull the posix info from the server database. If this is so, then
/usr/local/samba/sbin/winbindd is broken, as I only get the non-posix
info i.e. it does not work like S3 winbind.
Rowland
Hi
Just to be utterly and 100%'ly correct. As I see it: Rowland is using
a Samba4 installation as a client. He has a Samba4 DC running on
another box. He is simply trying to use winbindd on his client to
extract posix information from his Samba4 DC. As indeed he can with a
Samba3 client.
So, to test Samba4 as a client, he should be able to take his smb.conf
from a Samba3 client and drop it into /usr/local/samba/etc/samba/etc,
join the domain and have it behave _exactly_ the same.
If Samba4 is a replacement for Samba3 as advertised, then his setup
proves that something is wrong with the winbindd implementation in
Samba4 as it is not pulling rfc2307 posix attributes from AD.
Always with the proviso that the samba is _not_ running on the Samba4
client but _is_ running on his DC.
Samba4 DC: samba
Samba4 Client: smbd, nmbd, winbindd
Have I got that right?
Cheers,
Steve
Hi Steve & everybody

Well nearly, the Samba4 client is correct, but the smbd daemon is also
running on the Samba4 DC, I did not start this, the samba daemon did.

List of daemons running on S4 Client:

3131 ? Ss 0:00 /usr/local/samba/sbin/nmbd -D
3133 ? Ss 0:00 /usr/local/samba/sbin/smbd -D
3134 ? S 0:00 /usr/local/samba/sbin/smbd -D
3136 ? Ss 0:00 /usr/local/samba/sbin/winbindd -D
3138 ? S 0:00 /usr/local/samba/sbin/winbindd -D
3141 ? S 0:00 /usr/local/samba/sbin/winbindd -D

List of daemons running on S4 DC:

17020 ? Ss 0:01 /usr/local/samba/sbin/samba
17023 ? S 0:00 /usr/local/samba/sbin/samba
17024 ? S 0:11 /usr/local/samba/sbin/samba
17025 ? Ss 0:06 /usr/local/samba/sbin/smbd --configfile
/usr/local/samba/private/smbd.tmp/fileserver.conf --foreground
17026 ? S 0:00 /usr/local/samba/sbin/samba
17027 ? S 0:00 /usr/local/samba/sbin/samba
17028 ? S 0:12 /usr/local/samba/sbin/samba
17029 ? S 0:03 /usr/local/samba/sbin/samba
17030 ? S 0:04 /usr/local/samba/sbin/samba
17031 ? S 3:51 /usr/local/samba/sbin/samba
17032 ? S 0:01 /usr/local/samba/sbin/samba
17033 ? S 0:00 /usr/local/samba/sbin/samba
17034 ? S 1:27 /usr/local/samba/sbin/samba
17035 ? S 0:05 /usr/local/samba/sbin/samba
22765 ? S 0:00 /usr/local/samba/sbin/smbd --configfile
/usr/local/samba/private/smbd.tmp/fileserver.conf --foreground
22766 ? S 0:00 /usr/local/samba/sbin/smbd --configfile
/usr/local/samba/private/smbd.tmp/fileserver.conf --foreground

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Kai Blin
2012-08-30 09:46:06 UTC
Permalink
On 2012-08-30 10:55, Rowland Penny wrote:
(now with samba-technical on CC again, sorry for the repost Rowland)

Hi Rowland,

I just wanted to make sure that you're not running the winbind service
included in the 'samba' binary, as that's very different and doesn't
support many of the idmapping options the 'winbindd' binary provides.
Post by Rowland Penny
Stop me if I am wrong, but as far as I am aware, winbind is supposed to
pull the posix info from the server database. If this is so, then
/usr/local/samba/sbin/winbindd is broken, as I only get the non-posix
info i.e. it does not work like S3 winbind.
The interesting question would be finding out what is different. The
code in winbindd from the "master" branch (which is what people here
keep calling S4) should be pretty similar to the code from the 3.6
release branch.

Now, to get a clearer view of your setup, I take it that you're using
nss_winbind, right?

You said you were having issues joining the AD from the client. It's
probably worth starting to debug that.

As far as I see,
rowland:*:1105:1103:rowland:/home/HOME/rowland:/bin/bash
means that winbind is in fact mapping the user, it's just falling back
to the default entry instead of using the AD information. This looks
like there's some issue in the client<->AD trusts.
On the s4 client, can you recheck if the 'net' binary you're calling is
the one you compiled? I've had two net binaries installed once and all
my machine keys ended up in the wrong database.

Cheers,
Kai
--
Kai Blin
Worldforge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
Rowland Penny
2012-08-30 10:14:19 UTC
Permalink
Post by Kai Blin
(now with samba-technical on CC again, sorry for the repost Rowland)
Hi Rowland,
I just wanted to make sure that you're not running the winbind service
included in the 'samba' binary, as that's very different and doesn't
support many of the idmapping options the 'winbindd' binary provides.
Post by Rowland Penny
Stop me if I am wrong, but as far as I am aware, winbind is supposed to
pull the posix info from the server database. If this is so, then
/usr/local/samba/sbin/winbindd is broken, as I only get the non-posix
info i.e. it does not work like S3 winbind.
The interesting question would be finding out what is different. The
code in winbindd from the "master" branch (which is what people here
keep calling S4) should be pretty similar to the code from the 3.6
release branch.
Now, to get a clearer view of your setup, I take it that you're using
nss_winbind, right?
If you mean, have I created the symlink from /lib/libnss_winbind.so.2 to
/usr/local/samba/lib/libnss_winbind.so.2 and added winbind to
/etc/nsswitch.conf, then yes.
Post by Kai Blin
You said you were having issues joining the AD from the client. It's
probably worth starting to debug that.
I was only having trouble joining when I tried out something Steve
suggested, joining is normally no trouble.
Post by Kai Blin
As far as I see,
rowland:*:1105:1103:rowland:/home/HOME/rowland:/bin/bash
means that winbind is in fact mapping the user, it's just falling back
to the default entry instead of using the AD information. This looks
like there's some issue in the client<->AD trusts.
On the s4 client, can you recheck if the 'net' binary you're calling is
the one you compiled? I've had two net binaries installed once and all
my machine keys ended up in the wrong database.
Cheers,
Kai
which net
/usr/local/samba/bin/net

/usr/local/samba/bin/net -V
Version 4.0.0beta8-GIT-e39cce4

net -V
Version 4.0.0beta8-GIT-e39cce4

I have also checked every dir in my path, and it is only installed once.
I removed all traces of S3 before
compiling S4.

Thanks for the help.

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Rowland Penny
2012-09-01 13:10:18 UTC
Permalink
Post by Rowland Penny
Post by Kai Blin
(now with samba-technical on CC again, sorry for the repost Rowland)
Hi Rowland,
I just wanted to make sure that you're not running the winbind service
included in the 'samba' binary, as that's very different and doesn't
support many of the idmapping options the 'winbindd' binary provides.
Post by Rowland Penny
Stop me if I am wrong, but as far as I am aware, winbind is supposed to
pull the posix info from the server database. If this is so, then
/usr/local/samba/sbin/winbindd is broken, as I only get the non-posix
info i.e. it does not work like S3 winbind.
The interesting question would be finding out what is different. The
code in winbindd from the "master" branch (which is what people here
keep calling S4) should be pretty similar to the code from the 3.6
release branch.
Now, to get a clearer view of your setup, I take it that you're using
nss_winbind, right?
If you mean, have I created the symlink from /lib/libnss_winbind.so.2
to /usr/local/samba/lib/libnss_winbind.so.2 and added winbind to
/etc/nsswitch.conf, then yes.
Post by Kai Blin
You said you were having issues joining the AD from the client. It's
probably worth starting to debug that.
I was only having trouble joining when I tried out something Steve
suggested, joining is normally no trouble.
Post by Kai Blin
As far as I see,
rowland:*:1105:1103:rowland:/home/HOME/rowland:/bin/bash
means that winbind is in fact mapping the user, it's just falling back
to the default entry instead of using the AD information. This looks
like there's some issue in the client<->AD trusts.
On the s4 client, can you recheck if the 'net' binary you're calling is
the one you compiled? I've had two net binaries installed once and all
my machine keys ended up in the wrong database.
Cheers,
Kai
which net
/usr/local/samba/bin/net
/usr/local/samba/bin/net -V
Version 4.0.0beta8-GIT-e39cce4
net -V
Version 4.0.0beta8-GIT-e39cce4
I have also checked every dir in my path, and it is only installed
once. I removed all traces of S3 before
compiling S4.
Thanks for the help.
Rowland
OK, I did a git pull and compiled again, I am now running Version
4.0.0beta9-GIT-d5f845c

Still the same problem, but nothing in the logs so I upped the log level
to 4 and got this in log.winbindd:

[2012/09/01 13:34:01.536460, 3]
../source3/winbindd/winbindd_getpwent.c:50(winbindd_getpwent_send)
[32427]: getpwent
[2012/09/01 13:34:01.544229, 3]
../source3/winbindd/nss_info.c:248(nss_init)
nss_init: no nss backends configured. Defaulting to "template".
[2012/09/01 13:34:01.544474, 4]
../source3/winbindd/nss_info.c:343(nss_map_to_alias)
nss_map_to_alias: Failed to find nss domain pointer for HOME


To me, it seems to be saying that the nss backend is not set, but I have
the line 'winbind nss info = rfc2307' in /usr/local/samba/etc/smb.conf

Anybody have any suggestions how I can fix this?

Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Loading...