[Samba] Samba with winbind trouble

John H Terpstra jht at samba.org
Fri Nov 21 15:51:49 GMT 2003 

On Fri, 21 Nov 2003, LINDER Thierry wrote:

Do you have an account in /etc/passwd called 'nobody'?

- John T.


> Hello,
>
> I try to implement a samba server (2.2.7a) with the authentifiactions via winbind to a PDC W2000.
> When I test winbind, it works:
>
> [root at pxtest samba]# wbinfo -t
> Secret is good
> [root at pxtest samba]# wbinfo -a tli%password
> plaintext password authentication succeeded
> [root at pxtest samba]#
>
> I enable the winbind on the /etc/nsswitch.conf:
>
> passwd:     files winbind
> shadow:     files
> group:      files winbind
>
> If I try to do a su to my user which is not declared in my /etc/passwd, it works fine:
>
> [root at pxtest samba]# su - tli
> [tli at pxtest tli]$
> [tli at pxtest tli]$
> [tli at pxtest tli]$ id
> uid=10061(tli) gid=10000(Domain Users) groups=10000(Domain Users),10062(PRJ - Gestion de projets),10058(KAM),10054(Team-Elargi),10018(IT Unix),10060(PRJ - Sharepoint),10053(testgrp)
> [tli at pxtest tli]$
>
> Also, I assume that the winbind levell is OK.
> But, If I try to open a share with smbclient, I can't:
>
> [root at pxtest root]# smbclient -L pxtest
> added interface ip=172.30.1.167 bcast=172.30.1.255 nmask=255.255.255.0
> Password:
> Anonymous login successful
> Domain=[UDITIS] OS=[Unix] Server=[Samba 2.2.7a-security-rollup-fix]
>
>         Sharename      Type      Comment
>         ---------      ----      -------
>         test           Disk      Share de test pour les ACL's
>         IPC$           IPC       IPC Service (Samba Server 2.2.7a-security-rollup-fix + ACL's support)
>         ADMIN$         Disk      IPC Service (Samba Server 2.2.7a-security-rollup-fix + ACL's support)
>
>         Server               Comment
>         ---------            -------
>         PXTEST               Samba Server 2.2.7a-security-rollup-fix + ACL's
>         UDNEJ102
>
>         Workgroup            Master
>         ---------            -------
>         UDITIS               UDNEJ102
> [root at pxtest root]# smbclient //pxtest/tli -U tli
> added interface ip=172.30.1.167 bcast=172.30.1.255 nmask=255.255.255.0
> Password:
> session setup failed: NT_STATUS_LOGON_FAILURE
> [root at pxtest root]#
>
> Here is my smb.conf configuration file:
>
> [root at pxtest samba]# cat smb.conf
> # Samba config file created using SWAT
> # from udpexp07.uditis.ch (172.30.1.131)
> # Date: 2003/11/21 10:22:37
>
> # Global parameters
> [global]
>         workgroup = UDITIS
>         netbios name = PXTEST
>         server string = Samba Server %v + ACL's support
>         security = DOMAIN
>         encrypt passwords = No
>         obey pam restrictions = Yes
>         password server = udnej102.uditis.ch
>         pam password change = Yes
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
>         unix password sync = Yes
>         log level = 2
>         log file = /var/log/samba/samba.log
>         max log size = 0
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         preferred master = No
>         local master = No
>         domain master = No
>         dns proxy = No
>         winbind uid = 10000-20000
>         winbind gid = 10000-20000
>         template homedir = /home/test/%U
>         template shell = /bin/bash
>         winbind cache time = 0
>         winbind use default domain = Yes
>         guest account = Guest
>         printing = cups
>
> [homes]
>         comment = Home Directories
>         valid users = %S
>         read only = No
>         create mask = 0664
>         directory mask = 0775
>         browseable = No
>
> [printers]
>         comment = All Printers
>         path = /var/spool/samba
>         printable = Yes
>         browseable = No
>
> [test]
>         comment = Share de test pour les ACL's
>         path = /home/test
> [root at pxtest samba]#
>
> Thanks by advance to help me on this trouble, because I found nothing serious on the logs and I passed through alla my ideas ...
>
> Many thanks
>
> Thierry
> ----------------------------------------------------------------------
>
> Thierry Linder                   Tél. central +41 (0)32 557 55 00
> Mandataire Commercial            Mobile       +41 (0)79 473 92 35
> Key Account Manager              Fax          +41 (0)32 557 55 05
> Rue de la Gare 4
> CH 2034 Peseux (NE)
> mailto:thierry.linder at uditis.ch
> http://www.uditis.ch
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list