The Samba-Bugzilla – Bug 3265
net ads join "OU=<container>"
Last modified: 2006-04-08 23:13:47 UTC
SuSE 9.3 (all patches)
After following the SAMBA HOWTO for using ADS authentication I have come accross a problem.
In Chapter 6 Section II of the Samba 3 HOWTO I performed the following commands:
%> kinit user@REALM.COM
%> net ads join -U user@REALM.COM
%> net ads join -U user@REALM.COM "new_OU_container"
The joined worked, I am able to view users, authentication any users from the "new_OU_container" without problem. However because I needed to authenticate users from other containers as well I connected to the Domain and removed the computer from the OU=computers container and rejoined the domain NOT mapping a specific container.
The problem is that I am still only able to view/authenticate users in the "OU=new_OU_container" vs. the "CN=Users" default container.
I have tested this by setting up a new windows 2000 domain which mimicked the live environment, created a new samba server with the following smb.conf and I was able to view/authenticate users in any container because I did not initially specify the container in which to add the compuer account to.
I am hoping I could perhaps get an updated RPM for SuSE with the latest Winbind, SMBD, NMBD which Mr. Testra has informed me is available but not released as an installable RPM for the SuSE OS.
workgroup = DOMAIN
realm = DOMAIN.COM
server string = samba_server.domain.com
security = ADS
update encrypted = Yes
encrypt passwords = yes
password server = *
preferred master = No
domain master = No
idmap uid = 500-500000
idmap gid = 500-500000
winbind separator = /
winbind cache time = 5
winbind use default domain = Yes
winbind nested groups = Yes
log level = 2
interfaces = eth*
bind interfaces only = yes
path = /share
read only = No
inherit acls = Yes
we don't restruct users to a given OU. Please retest against a current release and reopen if the issue still exists.