PDC user authentication
Randy Parker
randyp at ti.com
Wed Jun 7 11:36:32 GMT 2000
I'm not sure about other stuff, but problem #1 I
solved using a suggestion from the John Blair Samba
book, page 236. He says set "valid users = %S" in
the [homes] definition to keep unauthorized users
out of home directories they don't own. It works
for me.
Regards,
Randy Parker
Wilson Yau <wilson at coms.com> wrote:
>Dear all Samba Gurus,
>
>Recently, I have looked into the possibility of the complete replacement
>of NT4 server by deploying Samba.
>
>As an experiment, I am trying to configure a Linux box running Debian
>Potato with kernel 2.2.15 as a Samba server, which will eventually
>emulate a NT PDC. On top of that, I am running NT4 workstation client
>by using VMware 2.0.
>
>I first started with the latest production version 2.0.7a, but
>encountered some problems when came to the PDC implementation. After
>consulting some resources from books (e.g. Using Samba, O'Reilly) and
>several web sites (e.g. http://www.ping.be/linux-and-samba/ ), I decided
>to get the latest development version from the cvs site of samba.org so
>as to get the best PDC support. The one I've got is
>'release-alpha-2-5-3'. The source codes have been successfully
>compiled. Although I could make the NT domain logon live, the same
>problems persist.
>
>There are two main problems:
>
>1./ When different users has been logged in and out of the NT client,
>the late users can actually browse the home directories of the previous
>ones;
>
>2./ When a user logs in, an error message pops up saying 'The operating
>system was unable to create profile directory \\mole\Profiles\%U.pds.
>You will be logged on with a local profile only....'. This looks like
>something is wrong with the logon path in the [global] section or the
>path specified in the [Profiles] service.
>
>I tried to search the mailing list archive -
>http://us1.samba.org/listproc/samba-ntdom, but the URL could not be
>found. Therefore, I decided to subscibe this mailing list to learn more
>and hopefully someone can give me a helping hand.
>
>
>FYI, my server is called 'mole', my workstation is 'koala' and NT Domain
>name is 'YAU'
>
>Here are the main settings in my smb.conf file:
>
>[global]
> workgroup = YAU
> netbios name = mole
> server string = %h (Samba Server %v)
> guest account = smbguest
>
># Debug Level
> log level = 2
>
> security = user
> encrypt passwords = yes
> unix password sync = false
>
> local master = yes
> os level = 255
> domain master = yes
> preferred master = yes
> domain logons = yes
>
> logon home = \\%L\%U
> logon path = \\%L\Profiles\%U
> log file = /usr/local/samba/var/log.%m
> max log size = 50
>
>[homes]
> comment = Home Directories
> browseable = no
> guest ok = no
> read only = no
> create mask = 0700
> directory mask = 0700
>
>[Profiles]
> comment = Windows-User-Profiles
> path = /usr/local/samba/profiles
> browseable = no
> guest ok = yes
> writeable = yes
>
>
>I have created the /usr/local/samba/profiles directory manually, and it
>attributes are as follows:
>drwxr-xr-x 2 root root 4096 Jun 5 14:00 profiles
>
>If you need more information, please let me know.
>
>Many thanks for your help!
>
>Wilson Yau
>
More information about the samba-ntdom
mailing list