Please help with winbind setup
Kevin
kevin at mpcf.com
Thu Nov 8 07:55:05 GMT 2001
I'll give that a shot but i have my doubts too. I got
those numbers for both uid and gid directly from the
docs.
Thanks for the input.
VeKTeReX
"Konkol, Josh" wrote:
>
> Not positive, but I think your UID and GID ranges should not intersect like
> that.
> Try
> winbind gid = 20001-30000
>
> Josh
>
> .~.
> /V\
> /( )\
> ^^-^^
>
> -----Original Message-----
> From: Kevin [mailto:kevin at mpcf.com]
> Sent: Thursday, November 08, 2001 9:39 AM
> To: samba at lists.samba.org
> Subject: Please help with winbind setup
>
> I have been (unsuccessfully) trying to get this up and
> running for the past few days. I have successfully
> setup samba itself NUMEROUS times but this winbind
> stuff has me stumped.
>
> I have built a fresh box for this server using Turbo
> Linux server 6.5 and samba 2.2.2. I have followed all
> the docs and man pages that i could find.
>
> 1. I have samba compiled (using --with-winbind
> --with-pam) and running.
> 2. The samba box has been successfully added to my NT
> domain.
> 3. Winbind appears to be communicating to some extent
> with my PDC because i can get a list of users with
> "wbinfo -u".
>
> The samba server shows up in the browse list on the
> Windows clients but when you click on the machine it is
> still prompting users for a name and password (none of
> which work).
>
> my smb.conf file has the following related entries:
>
> #winbind stuff
> winbind separator = +
> winbind cache = 10
> winbind uid = 10000-20000
> winbind gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
> template shell = /bin/false
> template homedir = /home/$D/$U
>
> security = domain
> password server = *
> encrypt passwords = yes
>
> [tmp]
> comment = Temporary file space
> path = /tmp
> read only = no
> public = yes
>
> [share]
> comment = none
> path = /shares/test
> valid users = TESTDOM+larry,TESTDOM+administrator
> public = yes
> writable = yes
>
> I created a file called "samba" in the /etc/pam.d/ dir
> which contains the following lines:
>
> auth required /lib/security/pam_securetty
> auth required /lib/security/pam_nologin.so
> auth sufficient /lib/security/pam_winbind.so
> auth required /lib/security/pam_pwdb.so use_first_pass
> shadow nullok
> account required /lib/security/pam_winbind.so
>
> I am ONLY concerned with users being able to access the
> samba shares. I don't want them to be able to login or
> ftp to the samba box. If anyone here can help me out
> with this one i would really appreciate it. If any
> more info is required, please don't hesitate to ask.
>
> Thanks,
> VeKTeReX
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list