Info on Winbind drastically needed please.

Greg Dickie greg at justaguy.ca
Mon Jan 7 17:50:03 GMT 2002


Does the home directory exist?

On 7 Jan 2002, Mark Cooke wrote:

> Date: 07 Jan 2002 20:58:22 +0000
> From: Mark Cooke <mark at extension2.freeserve.co.uk>
> To: "Samba-Technical (E-post)" <samba-technical at samba.org>
> Subject: Info on Winbind drastically needed please.
> 
> Hi All,
> 
> First off I'll start by apologising that this maybe the incorrect list
> to ask some of these questions, but If someone could possibly take a
> moment to help me out (as Ive tried posting to over samba lists and the
> redhat lists), I would be very grateful..
> 
> Basically Ive been trying for about 2 weeks to try to get my Linux box
> to talk to our PDC on an NT server at work and to be honest It's really
> starting to get to me.
> 
> I'm using samba-2.2.2-8 from RedHat rawhide on RH 7.1.
> 
> I ve installed it correctly and copied over the correct files and edited
> my smb.conf as below:
> 
> 
> [global]
> 
> # Winbind configuration
>     winbind separator = +
>     winbind cache time = 10
>     template shell = /bin/bash
>     template homedir = /home/%D/%U
>     winbind uid = 10000-20000
>     winbind gid = 10000-20000
> 
> # workgroup = NT-Domain-Name or Workgroup-Name
>     workgroup = TUX
> 
> # Security mode. Most people will want user level security. See
> # security_level.txt for details.
>     security = domain
> 
> # Use password server option only with security = server
> # The argument list may include:
> #   password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
> # or to auto-locate the domain controller/s
> #   password server = *
>     password server = THOR
> 
> # You may wish to use password encryption. Please read
> # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
> # Do not enable this option unless you have read those documents
>     encrypt passwords = yes
> ;   smb passwd file = /etc/samba/smbpasswd
> 
> 
> Our domain shall we say is called TUX.
> 
> In /etc/nsswitch.conf put the following:
> 
> passwd:     files winbind
> group:      files winbind
> 	
> Ive managed to get the linux box to join the domain using:
> 
> smbpasswd -j TUX -r THOR -U admin.
> 
> So then (to keep things simple), altered /etc/pam.d/login to read
> (I am at the console trying to login):
> 
> auth       required     /lib/security/pam_securetty.so
> auth       required     /lib/security/pam_nologin.so
> auth       sufficient   /lib/security/pam_winbind.so
> auth       required     /lib/security/pam_pwdb.so use_first_pass shadow
> nullok
> account required /lib/security/pam_winbind.so
> #account    required     /lib/security/pam_stack.so service=system-auth
> password   required     /lib/security/pam_stack.so service=system-auth
> session    required     /lib/security/pam_stack.so service=system-auth
> session    required     /lib/security/pam_console.so
> 
> then I started winbindd and also both samba services.
> 
> I can list all the NT Domasin users using:getent passwd and getent group
> 
> but, when I try to login, it authenticicates ok (after checking
> /var/log/.messages), but after typing in hte password, it brings up the
> issue screen, then very quickly an error about not being able to create
> the users directory (but nothing is displayed in the logs at all)
> It logs in o.k, and displays the issue msg and then logs me out straight
> away.
> Also there is nothing related to this in the samba logs either.
> /var/log/messages/:
> 
> Jan  7 10:08:07 scaramanga pam_winbind[22583]: user 'TUX+admin' granted
> acces
> Jan  7 10:08:07 scaramanga pam_winbind[22583]: user 'TUX+admin' granted
> acces
> Jan  7 10:08:07 scaramanga login(pam_unix)[22583]: session opened for
> user TUX+admin by LOGIN(uid=0)
> Jan  7 10:08:07 scaramanga  -- TUX+admin[22583]: LOGIN ON tty1 BY
> TUX+admin
> Jan  7 10:08:07 scaramanga login(pam_unix)[22583]: session closed for
> user TUX+admin
> 
> Again Iam sorry if this is the wrong list,but I figured that being the
> developers list hopefully someone could help he out, as someone would
> have abit more knowledge of how winbind works here.
> 
> The way I can see it is that once you logged in then samba should create
> the directorys for you, ie /home/TUX/admin in this case
> 
> rather than manually creating them before the user logs in.
> 
> Thanks in Advnace 
> 
> Mark
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 	
> 
> 
> 
> 

-- 
======================================
Greg Dickie
just a guy enterprises
greg at justaguy.ca






More information about the samba-technical mailing list