[Samba] Trying to find why it is not working
Simon Renshaw
simon at castortech.com
Fri Jun 2 19:11:56 GMT 2006
Hi,
First, sorry if this is a bit long.
I'm having problems finding what is wrong with my setup. Running Samba
3.0.10-1.4E.6 on CentOS 4.3. PDC is AD on windows 2003.
Samba and winbind are running.
My smb.conf file:
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2006/05/30 10:52:16
# Global parameters
[global]
workgroup = MONTREAL
realm = CASTORTECH.COM
interfaces = eth0
security = ADS
password server = castor-srvr1
wins server = 192.168.64.20
[Main]
comment = Test
path = /
guest ok = yes
writeable = yes
I was able to join the domain with net ads join. I see the Linux box in
AD. I also see it in my Network Places on Windows and the share called
Main but it asks for a user/password when I try to access it and it
doesn't work.
If I run net ads testjoin:
Join is OK
If I run net ads info:
LDAP server: 192.168.64.20
LDAP server name: castor-srvr1
Realm: CASTORTECH.COM
Bind Path: dc=CASTORTECH,dc=COM
LDAP port: 389
Server time: Fri, 02 Jun 2006 14:04:26 GMT
KDC server: 192.168.64.20
Server time offset: -947
If I run net ads lookup:
Information for Domain Controller: castor-srvr1
Response Type: SAMLOGON
GUID: e7508a6a-4561-4440-b45c-9fd246d4c93c
Flags:
Is a PDC: yes
Is a GC of the forest: yes
Is an LDAP server: yes
Supports DS: yes
Is running a KDC: yes
Is running time services: yes
Is the closest DC: yes
Is writable: yes
Has a hardware clock: no
Is a non-domain NC serviced by LDAP server: no
Forest: castortech.com
Domain: castortech.com
Domain Controller: castor-srvr1.castortech.com
Pre-Win2k Domain: MONTREAL
Pre-Win2k Hostname: CASTOR-SRVR1
Site Name: Default-First-Site-Name
Site Name (2): Default-First-Site-Name
NT Version: 5
LMNT Token: ffff
LM20 Token: ffff
Net ads user also return a list of the domain's users.
Wbinfo -u and -g return a list of the domain's users and groups.
But if I run wbinfo -a simon%bvhdohgo I get:
plaintext password authentication failed
error code was NT_STATUS_NO_SUCH_USER (0xc0000064)
error messsage was: No such user
Could not authenticate user simon%bvhdohgo with plaintext password
challenge/response password authentication succeeded
I also tried with administrator but I got the same result.
But I ran wbinfo --set-auth-user=administrator%pass and get
MONTREAL\administrator%pass if I run wbinfo --get-auth-user. So it is
able to get the domain info. I don't get it.
And of course, getent passwd returns the local users, not the one from
the domain.
Passwd, shadow and group are set as files winbind in /etc/nsswitch.conf.
I think that I am pretty close to a solution but I don't know what to do
next.
Any idea what is wrong and what should I check next?
Thanks!
Simon
More information about the samba
mailing list