/srv/irclogs.ubuntu.com/2006/01/22/#ubuntu-server.txt

=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server
=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server
=== dfgas [n=dfgas@adsl-69-210-84-17.dsl.milwwi.ameritech.net] has joined #ubuntu-server
=== torkel_ [n=torkel@217.168.89.109] has joined #ubuntu-server
=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server
=== dfgas [n=dfgas@adsl-69-210-84-17.dsl.milwwi.ameritech.net] has joined #ubuntu-server
=== neuralis [n=krstic@hagen.kdb.hr] has joined #ubuntu-server
=== ealden [n=ealden@ipdial-166-155.tri-isys.com] has joined #ubuntu-server
=== ealden [n=ealden@ipdial-166-155.tri-isys.com] has joined #ubuntu-server
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server
=== Valandil [n=chrys@dslb-084-056-080-136.pools.arcor-ip.net] has joined #ubuntu-server
=== soumyadip [n=soumyadi@59.93.201.115] has joined #ubuntu-server
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server
=== lbm [n=lbm@cpe.atm4-0-1301006.0x50a0824e.vgnxx6.customer.tele.dk] has joined #ubuntu-server
=== soumyadip [n=soumyadi@59.93.201.115] has joined #ubuntu-server
=== MarioMeyer_ [n=meyer@ubuntu/member/mariomeyer] has joined #ubuntu-server
=== lionelp [n=lionel@10.21.96-84.rev.gaoland.net] has joined #ubuntu-server
=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server
=== soumyadip [n=soumyadi@59.93.200.216] has joined #ubuntu-server
=== infinity [n=adconrad@cerberus.0c3.net] has joined #ubuntu-server
=== spike_ [n=spike@81-179-107-221.dsl.pipex.com] has joined #ubuntu-server
=== spike_ is now known as spike
=== ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server
=== ajmitch_ [i=ajmitch@port169-187.ubs.maxnet.net.nz] has joined #ubuntu-server
=== mgalvin [n=mgalvin@ubuntu/member/mgalvin] has joined #ubuntu-server
=== digitalfallout [n=esharp@68-188-149-54.dhcp.aldl.mi.charter.com] has joined #ubuntu-server
=== [A] ndy80 [n=wettreyw@host98-157.pool8543.interbusiness.it] has joined #ubuntu-server
[A] ndy80hi03:58
[A] ndy80I've this configuration: a server with samba as PDC and with /home exported via NFS, a linux client that authenticate correctly to the DOMAIN using winbind and that mount /home remotely via NFS.... the problem is: when I login using DEBIANDOMAIN+claudio using client I can see the files on remote /home but I cannot write on it. Look at this strange thing: http://paste.ubuntu-nl.org/7265 the linux client doesn't know who 10104:00
[A] ndy800 UID is.04:00
[A] ndy80how can I fix this problem?04:00
lionelpwhat does an "id claudio" on the client tell you ?04:06
[A] ndy80lionelp: id: claudio: No such user04:07
[A] ndy80lionelp: claudio is only present on the server04:07
lionelpdo you add a winbind source in the /etc/nsswitch.conf on the client ?04:07
[A] ndy80lionelp: the authentication is centralized on the server and the client uses winbind to autenticate on the PDC04:07
lionelpOk04:07
lionelpYou have three *diffrent* things that are necessary for what you want04:08
lionelp- files sharing : done via nfs, ok04:08
lionelp- authentication : done with PAM probabily, and with pam_winbind i suppose04:08
[A] ndy80yes pam_winbind04:09
lionelp- identification : your user must be known by the system. That is the job of libnss04:09
lionelpso you have to configure your nsswitch.conf in order to get your users via winbind04:10
[A] ndy80lionelp: I configured it to do it... wanna check my nsswitch.conf ? I can paste somewhere....04:10
lionelphttp://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html04:11
lionelpcheck the Configure nsswitch.conf and the Winbind Libraries on Linux and Solaris section04:11
lionelpyeah, paste your nsswitch.conf somewhere :)04:11
[A] ndy80lionelp: I used that howto. Look here http://paste.ubuntu-nl.org/726604:11
[A] ndy80:)04:11
[A] ndy80idea!04:12
[A] ndy80passwd:         files winbind04:12
[A] ndy80maybe I've to change the order!   passwd:         winbind files04:12
lionelpyes, i saw04:12
[A] ndy80what do you think about it?04:12
lionelpno, it is correct04:13
[A] ndy80ah ok...04:13
lionelpdo you just modify your nsswitch.conf ?04:13
lionelp(i mean few minutes ago without rebooting)04:13
[A] ndy80no no... it is the same as two days ago :)04:13
[A] ndy80I didn't change it04:14
lionelpOk, so that's not a cache problem04:14
lionelpjust shut down nscd in case where (/etc/init.d/nscd stop)04:14
lionelpyou do not have any informations in auth.log or syslog ?04:15
[A] ndy80lionelp: you want to see auth.log on the server or on the client?04:19
lionelpon the client04:19
[A] ndy80ah ok... on the server I've: Jan 17 15:34:09 localhost pam_winbind[7973] : user 'DEBIANDOMAIN+claudio' granted access04:20
[A] ndy80no no!!04:20
[A] ndy80sorry04:20
[A] ndy80this is the client!04:20
lionelpyes, pam is ok04:20
lionelpyou dot not see any information on libnss ?04:21
[A] ndy80where do I have to see them?04:21
[A] ndy80on wich log file?04:21
lionelpauth.log04:21
[A] ndy80lionelp: http://paste.ubuntu-nl.org/726804:22
[A] ndy80a module is missing but I don't think it's related to my problem...04:23
lionelpno, it's not  a problem04:23
[A] ndy80lionelp: I'm reading this http://us3.samba.org/samba/docs/man/Samba-Guide/unixclients.html in particular "Technical Issues"... I cannot understand if this matches my problem... wanna give e look if you can?04:28
lionelpdid you shut down nscd ?04:29
lionelpit seems to be a big probem with winbind04:29
lionelp(i can't remember if it is  on the default install or not)04:29
[A] ndy80what is nscd?04:30
lionelpit is a cache daemon04:31
NafalloDescription: GNU C Library: Name Service Cache Daemon04:31
[A] ndy80lionelp: Do I have to stop it? How can I know if is it on?04:31
[A] ndy80thanks Nafallo04:31
lionelp check if you have it : dpkg -l nscd04:32
lionelpbut i think it is not installed by default04:32
[A] ndy80No packages found matching nscd.04:32
[A] ndy80it's not installed on the client04:32
[A] ndy80bingo!04:33
[A] ndy80look what getent passwd gives me on the client:04:34
[A] ndy80DEBIANDOMAIN+claudio:x:10002:10000::/home/DEBIANDOMAIN/claudio:/bin/bash04:34
[A] ndy80while on the server claudio is 101004:34
[A] ndy80could it be the problem?04:34
lionelphum... yeah !!!04:36
[A] ndy80client resolves claudio to 10002 not to 1010, using winbind...04:36
[A] ndy80:)04:36
[A] ndy80well.... how can I fix this situation :P ?04:36
lionelpsure :)04:37
lionelpcan you check what you have in your smb.conf (on the server) in idmap uid =04:37
[A] ndy80lionelp: there is this line:  idmap uid = 10000-20000 but it's commented!04:39
[A] ndy80do I have to decomment it?04:40
lionelpdecomment and do 1000-1000004:42
[A] ndy80and idmap gid?04:45
[A] ndy80same values?04:45
lionelpyep04:46
[A] ndy80lionelp: done... still same error...04:48
=== soumyadip [n=soumyadi@59.93.241.200] has joined #ubuntu-server
=== ealden [n=ealden@219.90.91.90] has joined #ubuntu-server
[A] ndy80lionelp: getent passwd executed on server gives me this: claudio:x:1010:1010:,,,:/home/DEBIANDOMAIN/claudio:/bin/bash04:52
[A] ndy80-__-04:52
[A] ndy80grrrrrr :\04:52
[A] ndy80one moment....04:57
[A] ndy80isn't it normal that local "claudio" user is 1010 and DEBIANDOMAIN+claudio is 10002? it could be that I've to set the owner of /home/DEBIANDOMAIN/claudio to DEBIANDOMAIN+claudio user not to claudio user... is it possible?04:58
[A] ndy80bingo! another time :)05:01
[A] ndy80lionelp: on server I did: chown -R 10002:10000 /home/DEBIANDOMAIN/claudio05:01
[A] ndy80now client "claudio" can write to that folder :)05:02
lionelpcool !05:07
[A] ndy80I'd like them to be the same.... :\05:10
[A] ndy80lionelp: I'm reading the winbind documentation.... winbind is not started on server! And I get an error trying to start it.05:35
[A] ndy80how can I check for error log?05:35
[A] ndy80I only see: Starting the Winbind daemon: winbind failed!05:36
lionelplook in /var/log/samba05:38
[A] ndy80no sorry... now is running....05:40
[A] ndy80O_o05:40
[A] ndy80I'm getting crazy -__-05:40
lionelp:)05:41
[A] ndy80lionelp: if I change the nsswitch.conf what Do i have to restart?05:46
lionelpnothing05:46
=== ajmitch [i=ajmitch@port164-8.ubs.maxnet.co.nz] has joined #ubuntu-server
[A] ndy80ok....05:48
[A] ndy80don't know...05:48
[A] ndy80thanks anyway, I've to go now :(05:48
[A] ndy80see ya next time!05:48
[A] ndy80thanks again!05:48
=== Pygi [n=mario@83-131-248-12.adsl.net.t-com.hr] has joined #ubuntu-server
Pygijoin #fama06:00
Pygibah :/06:00
=== beezly [n=beezly@2001:630:63:16:230:1bff:feb7:2528] has joined #ubuntu-server
=== Valandil [n=chrys@dslb-084-056-104-208.pools.arcor-ip.net] has joined #ubuntu-server
Pygio, welcome valandil06:35
spikeanybody with experience running openswan+26sec|KLIPS and Kame that can spend a few words on it? besides the known stuff, KLIPS creating vpn devices, 26sec problems history and similar06:39
spikemostly I'm curios if any of the two offer advantages in terms of interoperability with appliances like cisco pix06:39
spikeI was reading up on openswan, and NAT-T interoperability with ciscos is unknown06:40
=== lionelp [n=lionel@ip-128.net-82-216-65.rev.numericable.fr] has joined #ubuntu-server
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server
=== MarioMeyer [n=meyer@ubuntu/member/mariomeyer] has joined #ubuntu-server
Pygio, chara :P08:39
=== _torkel [n=torkel@217.168.89.82] has joined #ubuntu-server
=== mipe [n=michael@135-2-124-83.dsl.3u.net] has joined #ubuntu-server

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!