[Samba] Winbind help

Simeonidis, Steve simes at cpgen.cpg.com.au
Mon Sep 30 07:02:00 GMT 2002 

Hi everyone,

I've been trying to use winbind in order to 
connect to WinNT PDC for authenticating user and
also mapping user/group ids.

We are using RH 7.3 Samba 2.2.3a

I've followed the instruction provided in the document
"Unified Logons between WindowsNT and UNIX using Winbind"

We only want to authenticate SAMBA users so I've skipped the
/etc/pam.d/* changes.

This is the "impertant" entries of my smb.conf file
   workgroup = groupserv_melb
   netbios name = linux-smb
   netbios aliases = linux-test

   winbind separator = +
   winbind uid = 10000-20000
   winbind gid = 10000-20000
   winbind enum users = yes
   winbind enum groups = yes
   template homedir = /home/winnt/%D/%U
   template shell = /bin/bash

   password server = 138.79.130.20
   encrypt passwords = yes
   smb passwd file = /etc/samba/smbpasswd
   unix password sync = Yes
   passwd program = /usr/bin/passwd %u

   add user script = /usr/sbin/useradd -d /home/winnt/%D/%U -s /bin/false -M 
%U

The domain has been joined using smbpasswd 

Here are my questions:
Everytime I enable domain logons on SAMBA and try the
"wbinfo -t" I get Bad secret
When the domain logons is disabled then the secret is good.

if I type "wbinfo -u" I get all the domain users not a problem
the same with the "wbinfo -g" for groups.


Using the "add user script =" parameter trying to access the domain
using smbclient eg.
"smbclient //linux-smb/homes  -W groupserv_melb -I 138.79.161.225 -U 
tst-steve" 
The home directory doesn't get created properly. The %D option is EMPTY.
The user gets created in passwd/group/shadow but the HOME directory
DOESN'T??

I get something like 
tst-steve:x:10058:10058::/home/winnt//tst-steve:/bin/false
in the passwd file (with 2 // instead of the DOMAIN Name).

Also winbindd log file complains about port 445 on the PDC
[2002/09/30 16:02:24, 2] lib/util_sock.c:open_socket_out(858)
  error connecting to 138.79.130.20:445 (Connection refused)
What does that port do?


So what is the best way to do it if I want to authenticate the users from the
WindowsNT PDC and also give them access to SAMBA shares using the Windows
NT permissions?



Thanks in advance.
 
-- 

Steve Simeonidis
Network Engineer, Spherion Education
Spherion Group Ltd

1st Floor, 493 St. Kilda Rd, Melbourne VIC 3004, Australia
Phone:  +61 3 9243 2382    Fax:    +61 3 9820 2010
Email: stevesimeonidis at spherion.com

The information contained in this email and any attachments to it:
(a) may be confidential and if you are not the intended recipient, any
interference with, use, disclosure or copying of this material is
unauthorised and prohibited; and
(b) may contain personal information of the recipient and/or the sender as
defined under the Privacy Act 1988 (Cth).  Consent is hereby given by the
recipient(s) to collect, hold and use such information and any personal
information contained in a response to this email, for any reasonable purpose
in the ordinary course of Spherion's business, including forwarding this
email internally or disclosing it to a third party.  All personal information
collected by Spherion will be handled in accordance with Spherion's Privacy
Policy.
If you have received this email in error, please notify the sender and delete
it.

More information about the samba mailing list