[Samba] Problem: FreeBSD 5.4 and Samba 3.0.20 not working with ADS
Thomas Lesh
TLesh at hss-mms.com
Mon Sep 19 18:12:11 GMT 2005
Hello all,
I'm having a really difficult time with this setup. I can communicate
with my Win2k3 PDC from my FreeBSD Samba file server by using the wbinfo
utility. The wbinfo utility returns all of the information that I
expect it to successfully. I've joined the Samba file server to the AD
already. Users can access shared resources on the Samba file server
*ONLY IF* they have a local account on the Samba file server. What am I
doing wrong, it's giving me massive headaches?! Here are my config
files:
-------[ smb.conf ]-------
[global]
workgroup = HELLO
realm = HELLO.LOCAL
server string = Samba File Server
security = ADS
auth methods = winbind
password server = 192.168.20.5
log level = 3
log file = /var/log/samba/log.%m
max log size = 100
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
printcap name = cups
preferred master = No
domain master = No
dns proxy = No
wins server = 192.168.20.5
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 20000-30000
winbind use default domain = Yes
winbind trusted domains only = Yes
invalid users = root
acl group control = Yes
inherit permissions = Yes
inherit acls = Yes
write cache size = 262144
[homes]
comment = Home Directories
read only = No
browseable = No
[public]
comment = Public Share
path = /home/pub
admin users = Administrator
read only = No
create mask = 0664
directory mask = 0775
guest ok = Yes
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
-------[ krb5.conf ]-------
[libdefaults]
default_realm = HELLO.LOCAL
[realms]
HELLO.LOCAL = {
kdc = champion.hello.local
admin_server = champion.hello.local
}
[domain_realm]
.hello.local = HELLO.LOCAL
-------[ nsswitch.conf ]-------
group: compat files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: compat files winbind
passwd_compat: nis
shells: files
shadow: files winbind
-------[ /etc/pam.d/login ]-------
# auth
auth required pam_nologin.so no_warn
auth sufficient pam_self.so no_warn
auth include system
auth sufficient pam_winbind.so
# account
account requisite pam_securetty.so
account include system
account sufficient pam_winbind.so
# session
session include system
# password
password include system
Thanks for taking the time to check this out!
-Tom
More information about the samba
mailing list