[Samba] NEED HELP WINBIND

Claudio Guzman cguzmana at gmail.com
Sun Jan 24 19:28:31 MST 2010 

The problem I have is I can not enter the EXAMPLE domain with winbind
winbind-u-g, I can see all domain users.

You have the problem that I can not create home /% u

My Samba architecture is

SRV1: PDC-LDAP-SAMBA
SRV2: SAMBA-winbind and that is what I use for the shares
DOMAIN: EXAMPLE
so far the users can enter, but complain that there are problems with
permissions on some folders


# Global settings
[global]
        display charset = LOCALE
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
        idmap gid = 1000-33554431
        passwd program = /usr/bin/passwd %u
        netbios name = srvsamba
        idmap uid = 1000-33554431
        dos charset = CP850
        local master = no
        workgroup = EXAMPLE
        debug level = 9
        os level = 0
        security = domain
        log file = /var/log/samba/%m.log
        guest account = nobody
        smb passwd file = /etc/samba/smbpasswd
        load printers = no
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        wins server = 192.168.1.252
        map to guest = Bad User
        domain master = no
        encrypt passwords = yes
        realm =
        template shell = /bin/false
        server string = srvsamba
        winbind enum users = Yes
        password server = 192.168.1.252
        template homedir = /mnt/samba/home/%u
        winbind enum groups = Yes
        unix charset = UTF-8
        preferred master = no
        pam password change = yes
        winbind use default domain = no

; interfaces = 192.168.12.2/24 192.168.13.2/24
; remote announce = 92.168.1.255 192.168.2.44
; domain logons = yes
; hosts deny = all
 username map = /etc/samba/smbusers
obey pam restrictions = yes
;       winbind separator = \

[A]
        comment = A
        path = /mnt/samba/a
        read only = No
        create mask = 0770
        directory mask = 02770
        hosts allow = 192.168.1.0/24, 192.168.0.0/24, 192.168.2.0/24
        map acl inherit = Yes
        veto files = /*:Zone.Identifier:*/
        veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/
        store dos attributes = Yes
        dos filemode = Yes
        dos filetime resolution = Yes

[B]
        comment = B
        path = /mnt/samba/B
        read only = No
        create mask = 0777
        directory mask = 02770
        hosts allow = 192.168.1.0/24
        map acl inherit = Yes
        veto files = /*:Zone.Identifier:*/
        veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/
        store dos attributes = Yes
        dos filemode = Yes
        dos filetime resolution = Yes
        fake directory create times = Yes

[C]
        comment = C
        path = /mnt/samba/C
        read only = No
        create mask = 0777
        directory mask = 02775
        hosts allow = 192.168.1.0/24
        map acl inherit = Yes
        veto files = /*:Zone.Identifier:*/
        veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/
        store dos attributes = Yes
        dos filemode = Yes
        dos filetime resolution = Yes
        fake directory create times = Yes

[homes]
        path = /mnt/samba/home/%U
        read only = No
        create mask = 0777
        directory mask = 0777
        hosts allow = 192.168.1.0/24, 192.168.0.0/24, 192.168.2.0/24
        map acl inherit = Yes
        store dos attributes = Yes
        dos filemode = Yes
        dos filetime resolution = Yes

---------------------

ERROR

:/etc/samba# net rpc join -S pdc -U administrador
Enter administrador's password:
[2010/01/24 23:08:33,  0] utils/net_rpc_join.c:net_rpc_join_newstyle(349)
  error setting trust account password: NT_STATUS_ACCESS_DENIED
Unable to join domain LYD.

More information about the samba mailing list