bug? Samba ADS member server does _not_ accept userid/pw but only kerberos

Volker.Lendecke at SerNet.DE Volker.Lendecke at SerNet.DE
Mon Feb 9 08:12:00 GMT 2004

On Mon, Feb 09, 2004 at 07:46:52AM +0100, Stefan Beck wrote:
> If this would the problem, why does 'smbclient -U user%pw -L //win2k' 
> (or the net view command on win) works with other windows ads member 
> servers? It _must_ be something specific to the samba server (?)

The question is: Would 'smbclient -U% -L //win2k' work?

> winbindd is not an option since we're getting the unix users from nis. 
> There share must be accessible via smb/nfs/appletalk.

I did not mean to use the user database provided by winbindd. Just start that
daemon. As long as you still have your /etc/nsswitch.conf entries set to

passwd: files nis


passwd: compat

(I'm talking about Linux glibc here) a running daemon will not disturb your 
NIS database. So what I am asking you is simply start that daemon and give it
the auth user with 'wbinfo --set-auth-user'. It will *NOT* disturb you user
database but act as a proxy between the smbd's and the DC's.

BTW, this is really recommended these days as it is a big performance
optimization. A user logon with smbd only is about 60 packets between Samba and
the DC, with winbindd this can be cut down to only 3 packets per user.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20040209/b69d2c24/attachment.bin

More information about the samba-technical mailing list