=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server | ||
=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server | ||
=== dfgas [n=dfgas@adsl-69-210-84-17.dsl.milwwi.ameritech.net] has joined #ubuntu-server | ||
=== torkel_ [n=torkel@217.168.89.109] has joined #ubuntu-server | ||
=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server | ||
=== dfgas [n=dfgas@adsl-69-210-84-17.dsl.milwwi.ameritech.net] has joined #ubuntu-server | ||
=== neuralis [n=krstic@hagen.kdb.hr] has joined #ubuntu-server | ||
=== ealden [n=ealden@ipdial-166-155.tri-isys.com] has joined #ubuntu-server | ||
=== ealden [n=ealden@ipdial-166-155.tri-isys.com] has joined #ubuntu-server | ||
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server | ||
=== Valandil [n=chrys@dslb-084-056-080-136.pools.arcor-ip.net] has joined #ubuntu-server | ||
=== soumyadip [n=soumyadi@59.93.201.115] has joined #ubuntu-server | ||
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server | ||
=== lbm [n=lbm@cpe.atm4-0-1301006.0x50a0824e.vgnxx6.customer.tele.dk] has joined #ubuntu-server | ||
=== soumyadip [n=soumyadi@59.93.201.115] has joined #ubuntu-server | ||
=== MarioMeyer_ [n=meyer@ubuntu/member/mariomeyer] has joined #ubuntu-server | ||
=== lionelp [n=lionel@10.21.96-84.rev.gaoland.net] has joined #ubuntu-server | ||
=== _torkel [n=torkel@217.168.89.109] has joined #ubuntu-server | ||
=== soumyadip [n=soumyadi@59.93.200.216] has joined #ubuntu-server | ||
=== infinity [n=adconrad@cerberus.0c3.net] has joined #ubuntu-server | ||
=== spike_ [n=spike@81-179-107-221.dsl.pipex.com] has joined #ubuntu-server | ||
=== spike_ is now known as spike | ||
=== ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server | ||
=== ajmitch_ [i=ajmitch@port169-187.ubs.maxnet.net.nz] has joined #ubuntu-server | ||
=== mgalvin [n=mgalvin@ubuntu/member/mgalvin] has joined #ubuntu-server | ||
=== digitalfallout [n=esharp@68-188-149-54.dhcp.aldl.mi.charter.com] has joined #ubuntu-server | ||
=== [A] ndy80 [n=wettreyw@host98-157.pool8543.interbusiness.it] has joined #ubuntu-server | ||
[A] ndy80 | hi | 03:58 |
---|---|---|
[A] ndy80 | I've this configuration: a server with samba as PDC and with /home exported via NFS, a linux client that authenticate correctly to the DOMAIN using winbind and that mount /home remotely via NFS.... the problem is: when I login using DEBIANDOMAIN+claudio using client I can see the files on remote /home but I cannot write on it. Look at this strange thing: http://paste.ubuntu-nl.org/7265 the linux client doesn't know who 101 | 04:00 |
[A] ndy80 | 0 UID is. | 04:00 |
[A] ndy80 | how can I fix this problem? | 04:00 |
lionelp | what does an "id claudio" on the client tell you ? | 04:06 |
[A] ndy80 | lionelp: id: claudio: No such user | 04:07 |
[A] ndy80 | lionelp: claudio is only present on the server | 04:07 |
lionelp | do you add a winbind source in the /etc/nsswitch.conf on the client ? | 04:07 |
[A] ndy80 | lionelp: the authentication is centralized on the server and the client uses winbind to autenticate on the PDC | 04:07 |
lionelp | Ok | 04:07 |
lionelp | You have three *diffrent* things that are necessary for what you want | 04:08 |
lionelp | - files sharing : done via nfs, ok | 04:08 |
lionelp | - authentication : done with PAM probabily, and with pam_winbind i suppose | 04:08 |
[A] ndy80 | yes pam_winbind | 04:09 |
lionelp | - identification : your user must be known by the system. That is the job of libnss | 04:09 |
lionelp | so you have to configure your nsswitch.conf in order to get your users via winbind | 04:10 |
[A] ndy80 | lionelp: I configured it to do it... wanna check my nsswitch.conf ? I can paste somewhere.... | 04:10 |
lionelp | http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html | 04:11 |
lionelp | check the Configure nsswitch.conf and the Winbind Libraries on Linux and Solaris section | 04:11 |
lionelp | yeah, paste your nsswitch.conf somewhere :) | 04:11 |
[A] ndy80 | lionelp: I used that howto. Look here http://paste.ubuntu-nl.org/7266 | 04:11 |
[A] ndy80 | :) | 04:11 |
[A] ndy80 | idea! | 04:12 |
[A] ndy80 | passwd: files winbind | 04:12 |
[A] ndy80 | maybe I've to change the order! passwd: winbind files | 04:12 |
lionelp | yes, i saw | 04:12 |
[A] ndy80 | what do you think about it? | 04:12 |
lionelp | no, it is correct | 04:13 |
[A] ndy80 | ah ok... | 04:13 |
lionelp | do you just modify your nsswitch.conf ? | 04:13 |
lionelp | (i mean few minutes ago without rebooting) | 04:13 |
[A] ndy80 | no no... it is the same as two days ago :) | 04:13 |
[A] ndy80 | I didn't change it | 04:14 |
lionelp | Ok, so that's not a cache problem | 04:14 |
lionelp | just shut down nscd in case where (/etc/init.d/nscd stop) | 04:14 |
lionelp | you do not have any informations in auth.log or syslog ? | 04:15 |
[A] ndy80 | lionelp: you want to see auth.log on the server or on the client? | 04:19 |
lionelp | on the client | 04:19 |
[A] ndy80 | ah ok... on the server I've: Jan 17 15:34:09 localhost pam_winbind[7973] : user 'DEBIANDOMAIN+claudio' granted access | 04:20 |
[A] ndy80 | no no!! | 04:20 |
[A] ndy80 | sorry | 04:20 |
[A] ndy80 | this is the client! | 04:20 |
lionelp | yes, pam is ok | 04:20 |
lionelp | you dot not see any information on libnss ? | 04:21 |
[A] ndy80 | where do I have to see them? | 04:21 |
[A] ndy80 | on wich log file? | 04:21 |
lionelp | auth.log | 04:21 |
[A] ndy80 | lionelp: http://paste.ubuntu-nl.org/7268 | 04:22 |
[A] ndy80 | a module is missing but I don't think it's related to my problem... | 04:23 |
lionelp | no, it's not a problem | 04:23 |
[A] ndy80 | lionelp: I'm reading this http://us3.samba.org/samba/docs/man/Samba-Guide/unixclients.html in particular "Technical Issues"... I cannot understand if this matches my problem... wanna give e look if you can? | 04:28 |
lionelp | did you shut down nscd ? | 04:29 |
lionelp | it seems to be a big probem with winbind | 04:29 |
lionelp | (i can't remember if it is on the default install or not) | 04:29 |
[A] ndy80 | what is nscd? | 04:30 |
lionelp | it is a cache daemon | 04:31 |
Nafallo | Description: GNU C Library: Name Service Cache Daemon | 04:31 |
[A] ndy80 | lionelp: Do I have to stop it? How can I know if is it on? | 04:31 |
[A] ndy80 | thanks Nafallo | 04:31 |
lionelp | check if you have it : dpkg -l nscd | 04:32 |
lionelp | but i think it is not installed by default | 04:32 |
[A] ndy80 | No packages found matching nscd. | 04:32 |
[A] ndy80 | it's not installed on the client | 04:32 |
[A] ndy80 | bingo! | 04:33 |
[A] ndy80 | look what getent passwd gives me on the client: | 04:34 |
[A] ndy80 | DEBIANDOMAIN+claudio:x:10002:10000::/home/DEBIANDOMAIN/claudio:/bin/bash | 04:34 |
[A] ndy80 | while on the server claudio is 1010 | 04:34 |
[A] ndy80 | could it be the problem? | 04:34 |
lionelp | hum... yeah !!! | 04:36 |
[A] ndy80 | client resolves claudio to 10002 not to 1010, using winbind... | 04:36 |
[A] ndy80 | :) | 04:36 |
[A] ndy80 | well.... how can I fix this situation :P ? | 04:36 |
lionelp | sure :) | 04:37 |
lionelp | can you check what you have in your smb.conf (on the server) in idmap uid = | 04:37 |
[A] ndy80 | lionelp: there is this line: idmap uid = 10000-20000 but it's commented! | 04:39 |
[A] ndy80 | do I have to decomment it? | 04:40 |
lionelp | decomment and do 1000-10000 | 04:42 |
[A] ndy80 | and idmap gid? | 04:45 |
[A] ndy80 | same values? | 04:45 |
lionelp | yep | 04:46 |
[A] ndy80 | lionelp: done... still same error... | 04:48 |
=== soumyadip [n=soumyadi@59.93.241.200] has joined #ubuntu-server | ||
=== ealden [n=ealden@219.90.91.90] has joined #ubuntu-server | ||
[A] ndy80 | lionelp: getent passwd executed on server gives me this: claudio:x:1010:1010:,,,:/home/DEBIANDOMAIN/claudio:/bin/bash | 04:52 |
[A] ndy80 | -__- | 04:52 |
[A] ndy80 | grrrrrr :\ | 04:52 |
[A] ndy80 | one moment.... | 04:57 |
[A] ndy80 | isn't it normal that local "claudio" user is 1010 and DEBIANDOMAIN+claudio is 10002? it could be that I've to set the owner of /home/DEBIANDOMAIN/claudio to DEBIANDOMAIN+claudio user not to claudio user... is it possible? | 04:58 |
[A] ndy80 | bingo! another time :) | 05:01 |
[A] ndy80 | lionelp: on server I did: chown -R 10002:10000 /home/DEBIANDOMAIN/claudio | 05:01 |
[A] ndy80 | now client "claudio" can write to that folder :) | 05:02 |
lionelp | cool ! | 05:07 |
[A] ndy80 | I'd like them to be the same.... :\ | 05:10 |
[A] ndy80 | lionelp: I'm reading the winbind documentation.... winbind is not started on server! And I get an error trying to start it. | 05:35 |
[A] ndy80 | how can I check for error log? | 05:35 |
[A] ndy80 | I only see: Starting the Winbind daemon: winbind failed! | 05:36 |
lionelp | look in /var/log/samba | 05:38 |
[A] ndy80 | no sorry... now is running.... | 05:40 |
[A] ndy80 | O_o | 05:40 |
[A] ndy80 | I'm getting crazy -__- | 05:40 |
lionelp | :) | 05:41 |
[A] ndy80 | lionelp: if I change the nsswitch.conf what Do i have to restart? | 05:46 |
lionelp | nothing | 05:46 |
=== ajmitch [i=ajmitch@port164-8.ubs.maxnet.co.nz] has joined #ubuntu-server | ||
[A] ndy80 | ok.... | 05:48 |
[A] ndy80 | don't know... | 05:48 |
[A] ndy80 | thanks anyway, I've to go now :( | 05:48 |
[A] ndy80 | see ya next time! | 05:48 |
[A] ndy80 | thanks again! | 05:48 |
=== Pygi [n=mario@83-131-248-12.adsl.net.t-com.hr] has joined #ubuntu-server | ||
Pygi | join #fama | 06:00 |
Pygi | bah :/ | 06:00 |
=== beezly [n=beezly@2001:630:63:16:230:1bff:feb7:2528] has joined #ubuntu-server | ||
=== Valandil [n=chrys@dslb-084-056-104-208.pools.arcor-ip.net] has joined #ubuntu-server | ||
Pygi | o, welcome valandil | 06:35 |
spike | anybody with experience running openswan+26sec|KLIPS and Kame that can spend a few words on it? besides the known stuff, KLIPS creating vpn devices, 26sec problems history and similar | 06:39 |
spike | mostly I'm curios if any of the two offer advantages in terms of interoperability with appliances like cisco pix | 06:39 |
spike | I was reading up on openswan, and NAT-T interoperability with ciscos is unknown | 06:40 |
=== lionelp [n=lionel@ip-128.net-82-216-65.rev.numericable.fr] has joined #ubuntu-server | ||
=== zenrox [n=zenrox@71.115.198.118] has joined #ubuntu-server | ||
=== MarioMeyer [n=meyer@ubuntu/member/mariomeyer] has joined #ubuntu-server | ||
Pygi | o, chara :P | 08:39 |
=== _torkel [n=torkel@217.168.89.82] has joined #ubuntu-server | ||
=== mipe [n=michael@135-2-124-83.dsl.3u.net] has joined #ubuntu-server |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!