Info on Winbind drastically needed please.
Greg Dickie
greg at justaguy.ca
Mon Jan 7 17:50:03 GMT 2002
Does the home directory exist?
On 7 Jan 2002, Mark Cooke wrote:
> Date: 07 Jan 2002 20:58:22 +0000
> From: Mark Cooke <mark at extension2.freeserve.co.uk>
> To: "Samba-Technical (E-post)" <samba-technical at samba.org>
> Subject: Info on Winbind drastically needed please.
>
> Hi All,
>
> First off I'll start by apologising that this maybe the incorrect list
> to ask some of these questions, but If someone could possibly take a
> moment to help me out (as Ive tried posting to over samba lists and the
> redhat lists), I would be very grateful..
>
> Basically Ive been trying for about 2 weeks to try to get my Linux box
> to talk to our PDC on an NT server at work and to be honest It's really
> starting to get to me.
>
> I'm using samba-2.2.2-8 from RedHat rawhide on RH 7.1.
>
> I ve installed it correctly and copied over the correct files and edited
> my smb.conf as below:
>
>
> [global]
>
> # Winbind configuration
> winbind separator = +
> winbind cache time = 10
> template shell = /bin/bash
> template homedir = /home/%D/%U
> winbind uid = 10000-20000
> winbind gid = 10000-20000
>
> # workgroup = NT-Domain-Name or Workgroup-Name
> workgroup = TUX
>
> # Security mode. Most people will want user level security. See
> # security_level.txt for details.
> security = domain
>
> # Use password server option only with security = server
> # The argument list may include:
> # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
> # or to auto-locate the domain controller/s
> # password server = *
> password server = THOR
>
> # You may wish to use password encryption. Please read
> # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
> # Do not enable this option unless you have read those documents
> encrypt passwords = yes
> ; smb passwd file = /etc/samba/smbpasswd
>
>
> Our domain shall we say is called TUX.
>
> In /etc/nsswitch.conf put the following:
>
> passwd: files winbind
> group: files winbind
>
> Ive managed to get the linux box to join the domain using:
>
> smbpasswd -j TUX -r THOR -U admin.
>
> So then (to keep things simple), altered /etc/pam.d/login to read
> (I am at the console trying to login):
>
> auth required /lib/security/pam_securetty.so
> auth required /lib/security/pam_nologin.so
> auth sufficient /lib/security/pam_winbind.so
> auth required /lib/security/pam_pwdb.so use_first_pass shadow
> nullok
> account required /lib/security/pam_winbind.so
> #account required /lib/security/pam_stack.so service=system-auth
> password required /lib/security/pam_stack.so service=system-auth
> session required /lib/security/pam_stack.so service=system-auth
> session required /lib/security/pam_console.so
>
> then I started winbindd and also both samba services.
>
> I can list all the NT Domasin users using:getent passwd and getent group
>
> but, when I try to login, it authenticicates ok (after checking
> /var/log/.messages), but after typing in hte password, it brings up the
> issue screen, then very quickly an error about not being able to create
> the users directory (but nothing is displayed in the logs at all)
> It logs in o.k, and displays the issue msg and then logs me out straight
> away.
> Also there is nothing related to this in the samba logs either.
> /var/log/messages/:
>
> Jan 7 10:08:07 scaramanga pam_winbind[22583]: user 'TUX+admin' granted
> acces
> Jan 7 10:08:07 scaramanga pam_winbind[22583]: user 'TUX+admin' granted
> acces
> Jan 7 10:08:07 scaramanga login(pam_unix)[22583]: session opened for
> user TUX+admin by LOGIN(uid=0)
> Jan 7 10:08:07 scaramanga -- TUX+admin[22583]: LOGIN ON tty1 BY
> TUX+admin
> Jan 7 10:08:07 scaramanga login(pam_unix)[22583]: session closed for
> user TUX+admin
>
> Again Iam sorry if this is the wrong list,but I figured that being the
> developers list hopefully someone could help he out, as someone would
> have abit more knowledge of how winbind works here.
>
> The way I can see it is that once you logged in then samba should create
> the directorys for you, ie /home/TUX/admin in this case
>
> rather than manually creating them before the user logs in.
>
> Thanks in Advnace
>
> Mark
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
--
======================================
Greg Dickie
just a guy enterprises
greg at justaguy.ca
More information about the samba-technical
mailing list