bug? Samba ADS member server does _not_ accept userid/pw but only kerberos

Stefan Beck becks at itereu.de
Mon Feb 9 08:45:22 GMT 2004

Volker.Lendecke at SerNet.DE wrote:
> On Mon, Feb 09, 2004 at 07:46:52AM +0100, Stefan Beck wrote:
>>If this would the problem, why does 'smbclient -U user%pw -L //win2k' 
>>(or the net view command on win) works with other windows ads member 
>>servers? It _must_ be something specific to the samba server (?)
> The question is: Would 'smbclient -U% -L //win2k' work?

yes, is works. (see bugreport)

> I did not mean to use the user database provided by winbindd. Just start that
> daemon. As long as you still have your /etc/nsswitch.conf entries set to
> passwd: files nis
> or 
> passwd: compat

this is the current setting.

> (I'm talking about Linux glibc here) a running daemon will not disturb your 
> NIS database. So what I am asking you is simply start that daemon and give it
> the auth user with 'wbinfo --set-auth-user'. It will *NOT* disturb you user
> database 

yes, that's obvious.

> but act as a proxy between the smbd's and the DC's.

Oh, thanks for clarification. I didn't know about this usage. I'll try 
this immediately and let you know...

> BTW, this is really recommended these days as it is a big performance
> optimization. A user logon with smbd only is about 60 packets between Samba and
> the DC, with winbindd this can be cut down to only 3 packets per user.

great ;-)


More information about the samba-technical mailing list