[K12OSN] Users home dir on win2k3 server

john lists.john at gmail.com
Thu Nov 16 23:52:57 UTC 2006 

Hi Dan,

I think the comment re: default domain is correct. I use that option and I
don't see users in Domain\user format.

When I request a kerberos ticket I have to make sure and do my FQDN in all
caps so YOURDOMAINCONTROLLER.YOURDOMAIN.ORG

john

On 11/16/06, Daniel Kuecker <kueckerd at shenandoah.k12.ia.us> wrote:
>
> I do not know, the few places I have looked at show DOMAIN\USER. maybe
> they were not setup to use default domain.
>
>
>
> Thank you,
>
> Daniel Kuecker
> Technology Coordinator
> Shenandoah Community Schools
> (712) 246-1581
>
>
>
> >>> Dan Young <dyoung at mesd.k12.or.us> 11/16/06 5:09 PM >>>
> Isn't that due to this in your smb.conf?
>
> winbind use default domain = yes
>
> --
> Dan Young <dyoung at mesd.k12.or.us>
> Multnomah ESD -  Technology Services
> 503- 257- 1562
>
>
> Daniel Kuecker wrote:
> > i still get:
> > # kinit
> > kinit(v5): Client not found in Kerberos database while getting
> initial
> > credentials
> >
> > and i noticed when i do a wbinfo - u, it shows the USER, but doesn't
> > have the DOMAIN\USER format
> >
> >
> >
> >
> > Thank you,
> >
> > Daniel Kuecker
> > Technology Coordinator
> > Shenandoah Community Schools
> > (712) 246- 1581
> >
> >
> >
> >>>> "john " <lists.john at gmail.com> 11/16/06 4:25 PM >>>
> > Hi Daniel,
> >
> > You may wish to have:
> >
> > winbind enum users = yes
> > winbind enum groups = yes
> >
> > in your smb.conf. I think this will allow you to use getent to list
> > users
> > and groups. Here's the reference I am looking at:
> >
> > http://us5.samba.org/samba/docs/man/Samba-  HOWTO-
> > Collection/idmapper.html#id2609582
> >
> > I hope this helps.
> >
> > John
> >
> > On 11/16/06, Daniel Kuecker <kueckerd at shenandoah.k12.ia.us> wrote:
> >> thanks for your help, btw!
> >>
> >> this is the response for requesting the ticket:
> >>
> >> [root at hsthin ~]# kinit
> >> kinit(v5): Client not found in Kerberos database while getting
> > initial
> >> credentials
> >>
> >> [root at hsthin ~]# cat /etc/samba/smb.conf
> >> [global]
> >> workgroup = SHEN
> >> server string = Samba Server
> >> printcap name = /etc/printcap
> >> load printers = yes
> >> log file = /var/log/samba/%m.log
> >> max log size = 50
> >> security = ads
> >> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> >> dns proxy = no
> >> idmap uid = 16777216-  33554431
> >> idmap gid = 16777216-  33554431
> >> template shell = /bin/bash
> >> winbind use default domain = yes
> >> password server = thor.shen.local
> >> realm = SHEN.LOCAL
> >> wins server = thor.shen.local
> >> template homedir = /home/%U
> >>
> >>   logon home = 192.168.0.11\%u
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Thank you,
> >>
> >> Daniel Kuecker
> >> Technology Coordinator
> >> Shenandoah Community Schools
> >> (712) 246-  1581
> >>
> >>
> >>
> >>>>> "john " <lists.john at gmail.com> 11/16/06 3:36 PM >>>
> >> Go ahead and request a new ticket as outline in the Ubuntu howto I
> >> passed
> >> along. Make sure to list your domain in ALL CAPS. Also can you post
> >> your
> >> smb.conf file?
> >>
> >> John
> >>
> >> On 11/16/06, Daniel Kuecker <kueckerd at shenandoah.k12.ia.us> wrote:
> >>> it shows the following:
> >>>
> >>> [root at hsthin ~]# wbinfo -   g
> >>> BUILTIN\administrators
> >>> BUILTIN\users
> >>> Domain Computers
> >>> Domain Controllers
> >>> Schema Admins
> >>> Enterprise Admins
> >>> Domain Admins
> >>> Domain Users
> >>> Domain Guests
> >>> Group Policy Creator Owners
> >>> DnsUpdateProxy
> >>> Staff
> >>> Students
> >>> food
> >>> 8gradecomp
> >>>
> >>>
> >>> [root at hsthin ~]# wbinfo -   u | more
> >>> 14guylynn
> >>> angerothm
> >>> 10shelzach
> >>> 13garcsaul
> >>> 12dunnkend
> >>> 09jackmich
> >>> 09thedbrys
> >>> 16laturobe
> >>> hastingst
> >>> 16balddill
> >>> 10poeryan
> >>> 15studkins
> >>>
> >>>
> >>> i am looking at that page now.
> >>> also when i do kinit user i get the following:
> >>>
> >>> [root at hsthin ~]# kinit public
> >>> kinit(v5): Cannot resolve network address for KDC in requested
> > realm
> >>> while getting initial credentials
> >>>
> >>>
> >>>
> >>>
> >>> Thank you,
> >>>
> >>> Daniel Kuecker
> >>> Technology Coordinator
> >>> Shenandoah Community Schools
> >>> (712) 246-   1581
> >>>
> >>>
> >>>
> >>>>>> "john " <lists.john at gmail.com> 11/16/06 2:28 PM >>>
> >>> What does wbinfo -    u and wbinfo -    g show you?  Also before
> you
> > can
> >>> getent -    u
> >>> or -    g you'll need to have a valid  kerberos ticket. Take a
> look
> > at
> >>> this and
> >>> see if this helps:
> >>>
> >>> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
> >>>
> >>> John
> >>>
> >>> On 11/16/06, Daniel Kuecker <kueckerd at shenandoah.k12.ia.us> wrote:
> >>>> I just noticed that when i do a getent passwd, it only shows the
> >>> local
> >>>> unix users, and not the win2k3 ads users. any suggestions?
> >>>>
> >>>>
> >>>>
> >>>> Thank you,
> >>>>
> >>>> Daniel Kuecker
> >>>> Technology Coordinator
> >>>> Shenandoah Community Schools
> >>>> (712) 246-    1581
> >>>>
> >>>>
> >>>>
> >>>>>>> "Daniel Kuecker" <kueckerd at shenandoah.k12.ia.us> 11/16/06
> >> 10:40
> >>> AM
> >>>> Hello all!
> >>>> I have a wierd problem I cannot figure out. I have k12ltsp 5
> >> running
> >>>> with user authentication from a win2k3 server. there are no
> > local
> >>> user
> >>>> accounts (except the initial one i created). I then setup the
> >>>> pam_mount
> >>>> to mount the windows home dir to mount to a folder under
> >>> /home/user/X:
> >>>> everything seems to work fine, however, when accessing the the
> >>> windows
> >>>> share, the permissions show as owner=uucp group=wheel. the user
> >>> cannot
> >>>> access the share. if i list the /home/user/X: folder as root, it
> >>> list
> >>>> the permissions as owner=user group="bunch of numbers". i
> > followed
> >>> the
> >>>> instructions from the following site. please help, the students
> > at
> >>> my
> >>>> school do not want to use the thin client because they cannot
> >> access
> >>>> the
> >>>> windows home folder.
> >>>>
> >>>> http://math.univ-     lille1.fr/~hafidi/terminal-
> >>>> services/authentication_and_homedirs_on_windows.html
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Thank you,
> >>>>
> >>>> Daniel Kuecker
> >>>> Technology Coordinator
> >>>> Shenandoah Community Schools
> >>>> (712) 246-     1581
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> K12OSN mailing list
> >>>> K12OSN at redhat.com
> >>>> https://www.redhat.com/mailman/listinfo/k12osn
> >>>> For more info see <http://www.k12os.org>
> >>>>
> >>>> _______________________________________________
> >>>> K12OSN mailing list
> >>>> K12OSN at redhat.com
> >>>> https://www.redhat.com/mailman/listinfo/k12osn
> >>>> For more info see <http://www.k12os.org>
> >>>>
> >>> _______________________________________________
> >>> K12OSN mailing list
> >>> K12OSN at redhat.com
> >>> https://www.redhat.com/mailman/listinfo/k12osn
> >>> For more info see <http://www.k12os.org>
> >>>
> >> _______________________________________________
> >> K12OSN mailing list
> >> K12OSN at redhat.com
> >> https://www.redhat.com/mailman/listinfo/k12osn
> >> For more info see <http://www.k12os.org>
> >>
> >
> > _______________________________________________
> > K12OSN mailing list
> > K12OSN at redhat.com
> > https://www.redhat.com/mailman/listinfo/k12osn
> > For more info see <http://www.k12os.org>
> >
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12osn/attachments/20061116/81ad8a96/attachment.htm>

More information about the K12OSN mailing list