Admstng
10-06-2005, 08:51 AM
Hello,
I am having some issues with Winbind and wbinfo_group.pl. I am able to authenticate users in my domain, but I am not able to use wbinfo_group.pl to authenticate AD groups. Our domain controllers are windows 2000 boxes.
Our network consist's of 2 domains. one is domain1.domain.com and the other is domain2.domain1.domain.com.
My linux server is in domain1 and this is where I would like winbind to pull AD information from my domain. When I joined my box to this domain, I connected to a DC in my domain. But I cannot retrieve and group or user info from my domain? but can authenticate users in my domain?
[root@MyLinuxBox squid]# wbinfo -u
domain2\2345A05DC-1934-43FB-8
domain2\user1
domain2\user2
domain2\user3
domain2\user4
[root@MyLinuxBox squid]# wbinfo -g
BUILTIN\group1
BUILTIN\group2
BUILTIN\group3
domain2\group1
domain2\group2
[root@MyLinuxBox squid]# wbinfo -t
checking the trust secret via RPC calls succeeded
#but, l can authenticate a user on domain1?
[root@MyLinuxBox squid]# wbinfo -a domain1user%hispassword
plaintext password authentication succeeded
challenge/response password authentication succeeded
#but when I try and use wbinfo_group.pl which is what I really need, it just #doesn't work for either domain. I am assuming I would need to be able to #succesffuly use this for Squid to check what users are part of a AD group..
[root@Yankees squid]# ./wbinfo_group.pl
domain1\user1 domain1\group1
ERR
#I have also tried the FQDN (domain1.domain.com\user1 ...)
#and I get the same for domain2
[root@Yankees squid]# ./wbinfo_group.pl
domain2\user1 domain2\group1
ERR
[root@Yankees squid]# wbinfo --domain DOMAIN2
[root@Yankees squid]#
# Is this supposed to show a repsonse? I also tried...
[root@Yankees squid]# wbinfo --domain domain2.domain1.domain.com
[root@Yankees squid]# wbinfo --sequence
MyLinuxBox : 1
BUILTIN : 1
DOMAIN2 : 1827973
DOMAIN1 : 2465849
----------
So, to recap...
Why isn't wbinfo showing any domain info from domain1? and why isn't wbinfo_group.pl working
ANY help is greatly appriciated.
Thanks,
I am having some issues with Winbind and wbinfo_group.pl. I am able to authenticate users in my domain, but I am not able to use wbinfo_group.pl to authenticate AD groups. Our domain controllers are windows 2000 boxes.
Our network consist's of 2 domains. one is domain1.domain.com and the other is domain2.domain1.domain.com.
My linux server is in domain1 and this is where I would like winbind to pull AD information from my domain. When I joined my box to this domain, I connected to a DC in my domain. But I cannot retrieve and group or user info from my domain? but can authenticate users in my domain?
[root@MyLinuxBox squid]# wbinfo -u
domain2\2345A05DC-1934-43FB-8
domain2\user1
domain2\user2
domain2\user3
domain2\user4
[root@MyLinuxBox squid]# wbinfo -g
BUILTIN\group1
BUILTIN\group2
BUILTIN\group3
domain2\group1
domain2\group2
[root@MyLinuxBox squid]# wbinfo -t
checking the trust secret via RPC calls succeeded
#but, l can authenticate a user on domain1?
[root@MyLinuxBox squid]# wbinfo -a domain1user%hispassword
plaintext password authentication succeeded
challenge/response password authentication succeeded
#but when I try and use wbinfo_group.pl which is what I really need, it just #doesn't work for either domain. I am assuming I would need to be able to #succesffuly use this for Squid to check what users are part of a AD group..
[root@Yankees squid]# ./wbinfo_group.pl
domain1\user1 domain1\group1
ERR
#I have also tried the FQDN (domain1.domain.com\user1 ...)
#and I get the same for domain2
[root@Yankees squid]# ./wbinfo_group.pl
domain2\user1 domain2\group1
ERR
[root@Yankees squid]# wbinfo --domain DOMAIN2
[root@Yankees squid]#
# Is this supposed to show a repsonse? I also tried...
[root@Yankees squid]# wbinfo --domain domain2.domain1.domain.com
[root@Yankees squid]# wbinfo --sequence
MyLinuxBox : 1
BUILTIN : 1
DOMAIN2 : 1827973
DOMAIN1 : 2465849
----------
So, to recap...
Why isn't wbinfo showing any domain info from domain1? and why isn't wbinfo_group.pl working
ANY help is greatly appriciated.
Thanks,