Hi all,
My linux 2.6.5 users, authenticates to a win2k3 ads. The kinit is fine but when i run the getent passwd and group it does not show the combined users/groups. It displays only the linux user/groups Previously it did show the groups from the win2k3 but I have no idea what changes have been made on the Linux machine. Any idea what I should look out for and how to test it? I am using samba3.0.10 and krb5 1.3.6 and pam_krb5 2.0.10 packages for fedora core2. Nicholas ________________________________________________ Kerberos mailing list [hidden email] https://mailman.mit.edu/mailman/listinfo/kerberos |
Correction,
When I set the winbind domain correctly, I get the combined linux and win2k3 groups with the command getent group but I still do not get the combined users with the command getent passwd Any help? Nicholas On Tue, 2005-11-29 at 10:58, Nicholas A. Suppiah wrote: > Hi all, > > My linux 2.6.5 users, authenticates to a win2k3 ads. The kinit is fine > but when i run the getent passwd and group it does not show the combined > users/groups. It displays only the linux user/groups > > Previously it did show the groups from the win2k3 but I have no idea > what changes have been made on the Linux machine. Any idea what I should > look out for and how to test it? > > I am using samba3.0.10 and krb5 1.3.6 and pam_krb5 2.0.10 packages for > fedora core2. > > > Nicholas > ________________________________________________ > Kerberos mailing list [hidden email] > https://mailman.mit.edu/mailman/listinfo/kerberos Kerberos mailing list [hidden email] https://mailman.mit.edu/mailman/listinfo/kerberos |
On Tue, 2005-11-29 at 11:09 +0800, Nicholas A. Suppiah wrote:
> Correction, > > When I set the winbind domain correctly, I get the combined linux and > win2k3 groups with the command > getent group > > but I still do not get the combined users with the command > getent passwd > > Any help? Did you add "winbind" to the "passwd" line in your /etc/nsswitch.conf? Fredrik Tolf ________________________________________________ Kerberos mailing list [hidden email] https://mailman.mit.edu/mailman/listinfo/kerberos |
In reply to this post by Nicholas A. Suppiah
On Tue, 29 Nov 2005, Nicholas A. Suppiah wrote: > Hi all, > > My linux 2.6.5 users, authenticates to a win2k3 ads. The kinit is fine > but when i run the getent passwd and group it does not show the combined > users/groups. It displays only the linux user/groups > > Previously it did show the groups from the win2k3 but I have no idea > what changes have been made on the Linux machine. Any idea what I should > look out for and how to test it? > > I am using samba3.0.10 and krb5 1.3.6 and pam_krb5 2.0.10 packages for > fedora core2. I assume you're using winbind? Have you checked that: 1. Winbindd is running? 2. Nscd isn't running? 3. 'klist -5' doesn't show your kerberos tickets as expired? Bjørn -- Bjørn Tore Sund Phone: (+47) 555-84894 Stupidity is like a System administrator Fax: (+47) 555-89672 fractal; universal and Math. Department Mobile: (+47) 918 68075 infinitely repetitive. University of Bergen VIP: 81724 Support: http://bs.uib.no Contact: [hidden email] Direct: [hidden email] ________________________________________________ Kerberos mailing list [hidden email] https://mailman.mit.edu/mailman/listinfo/kerberos |
In reply to this post by Fredrik Tolf
Hi Tolf,
Yes, /etc/nsswitch.conf contains: passwd: files winbind ldap shadow: files winbind ldap group: files winbind ldap hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files winbind ldap rpc: files services: files winbind ldap netgroup: files winbind ldap publickey: winbind automount: files winbind ldap aliases: files ________________________________________________ Kerberos mailing list [hidden email] https://mailman.mit.edu/mailman/listinfo/kerberos |
In reply to this post by Nicholas A. Suppiah
I suspect entries under /etc/nsswitch.conf, please mention of the kerberos
for passwd, shadow and group entries. I am not sure though.. Regards. On 11/29/05, Nicholas A. Suppiah <[hidden email]> wrote: > > Hi all, > > My linux 2.6.5 users, authenticates to a win2k3 ads. The kinit is fine > but when i run the getent passwd and group it does not show the combined > users/groups. It displays only the linux user/groups > > Previously it did show the groups from the win2k3 but I have no idea > what changes have been made on the Linux machine. Any idea what I should > look out for and how to test it? > > I am using samba3.0.10 and krb5 1.3.6 and pam_krb5 2.0.10 packages for > fedora core2. > > > Nicholas > ________________________________________________ > Kerberos mailing list [hidden email] > https://mailman.mit.edu/mailman/listinfo/kerberos > -- Nikhil Google is Great ! ________________________________________________ Kerberos mailing list [hidden email] https://mailman.mit.edu/mailman/listinfo/kerberos |
In reply to this post by Bjorn Tore Sund
Hi Bjorn,
Winbind is running nsc is stopped and klist -5 shows the ticket last till tomorrow. == begin klist -5 === Default principal: [hidden email] Valid starting Expires Service principal 11/29/05 10:44:27 11/29/05 20:43:12 krbtgt/my.domain.my renew until 11/30/05 10:44:27 11/29/05 10:50:23 11/29/05 20:43:12 dcx2$@my.domain.my renew until 11/30/05 10:44:27 == end klist -5 === ________________________________________________ Kerberos mailing list [hidden email] https://mailman.mit.edu/mailman/listinfo/kerberos |
Free forum by Nabble | Edit this page |