Samba

From Braindump
Revision as of 09:05, 6 January 2024 by Jan (talk | contribs)
Jump to navigation Jump to search

Winbind works, mapping to UNIX ID's does not

Alpine doesn't use NSS because of MUSL, need other way of mapping, /etc/samba/user.map requires passwords between AD and UNIX to be in Sync. Maybe switch to SSSD? 

kinit administrator@ISLIEF.COM
klist

wbinfo -u
wbinfo -g
wbinfo -i ISLIEF/Administrator
administrator:*:3500:3513::/home/ISLIEF/administrator:/bin/false

wbinfo -s S-1-5-21-870187001-592863278-1011463606-1604
ISLIEF/jan 1

wbinfo -n ISLIEF/jan

wbinfo -a jan
Enter jan's password:
plaintext password authentication succeeded
Enter jan's password:
challenge/response password authentication succeeded

wbinfo -S S-1-5-21-870187001-592863278-1011463606-1604
failed to call wbcSidToUid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert sid S-1-5-21-870187001-592863278-1011463606-1604 to uid

wbinfo -r ISLIEF/administrator
3500 3513 3572 3518 3519 3520 3512 2001 2000

wbinfo -i ISLIEF/jan
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user ISLIEF/jan

smbclient -L //10.0.0.5 -U ISLIEF/jan
Password for [ISLIEF\jan]:
session setup failed: NT_STATUS_LOGON_FAILURE

https://www.suse.com/support/kb/doc/?id=000017458

samba4 as active directory member using winbind to lookup user doesn't work on Alpine Linux because MUSL doesn't use nsswitch, however with musl nscd from pikhq authentication works, but only if the /usr/sbin/nscd process is running while trying an authentication is tried, the authentication hangs until the nscd process is stopped.

https://github.com/pikhq/musl-nscd/

I haven't figured out where and why this works.


gdb /usr/sbin/nscd

info functions


set logging enabled on

set confirm off

set height off

rbreak ^s[^@]*$


gprof /usr/sbin/nscd

Retrieved from "https://www.janmg.com/wiki/index.php?title=Samba&oldid=969"