domain level authentication?

MCCALL,DON (HP-USA,ex1) don_mccall at hp.com
Tue Mar 13 18:35:12 GMT 2001


Hi Mjo,
Try removing the machine account for samba on your pdc and re-adding it,
then
add the line "password server = *" after your security=domain  line in the
smb.conf
file, and then do the smbpasswd -j command again.
BTW, what is your NT PDC - Win2k or WinNT 40.  And what version is you Samba
server?  (find out by typing smbd -V).
Hope this helps,
Don

-----Original Message-----
From: mjo [mailto:mjo at ci.bedford.nh.us]
Sent: Tuesday, March 13, 2001 12:39 PM
To: samba at us5.samba.org
Subject: domain level authentication?


I'm trying to set up a samba server, such that 60 or so win 98 users can log
into the linux box and be plopped into their respective home directories on
it.
 I don't want them to be promted for passwords, I want the PDC, an NT box,
to
take care that in such a wy that I do not need a smbpasswd file. I know
almost
nothing about NT, but the server running works just fine, and will let
people
authenticate into samba as long as I set it up authenticating against a
smbpasswd file.

Here is the relevant part of the smb.conf file I'm using:
[global]
        netbios name = MYNBNAME
        workgroup = MYDOMAIN
        server string = Samba %v on (%L)
        log level= 1
        max log size = 1000
        encrypt passwords = yes
        security = domain
 
[homes]
        brosweable = yes
        map archive = yes
              

[data]
        path = /data
        comment = data drive
        volume = Data-Drive
        writeable = yes


MYNBNAME is listed in the NT box's server manager.
I shut down samba, type
smbpasswd -j MYDOMAIN -r MYPDC
        
Here is the error I get:

cli_net_req_chal: Error NT_STATUS_NOT_SUPPORTED
cli_nt_setup_creds: request challenge failed
modify_trust_password: unable to setup the PDC credentials to machine MYPDC.
Error was : NT_STATUS_NOT_SUPPORTED. 2001/03/13 11:03:37 :
change_trust_account_password: Failed to change password for domain
MYDOMAIN.
Unable to join domain MYDOMAIN.        

I have also tried setting setting sercurity=server.

Any thoughts?  Thanks!
-Mjo                   

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba




More information about the samba mailing list