Please help with winbind setup

Konkol, Josh JKonkol at
Thu Nov 8 07:50:03 GMT 2001

Not positive, but I think your UID and GID ranges should not intersect like
winbind gid = 20001-30000


/( )\

-----Original Message-----
From: Kevin [mailto:kevin at]
Sent: Thursday, November 08, 2001 9:39 AM
To: samba at
Subject: Please help with winbind setup

I have been (unsuccessfully) trying to get this up and
running for the past few days.  I have successfully
setup samba itself NUMEROUS times but this winbind
stuff has me stumped.

I have built a fresh box for this server using Turbo
Linux server 6.5 and samba 2.2.2.  I have followed all
the docs and man pages that i could find.

1. I have samba compiled (using --with-winbind
--with-pam) and running.
2. The samba box has been successfully added to my NT
3. Winbind appears to be communicating to some extent
with my PDC because i can get a list of users with
"wbinfo -u".

The samba server shows up in the browse list on the
Windows clients but when you click on the machine it is
still prompting users for a name and password (none of
which work).

my smb.conf file has the following related entries:

#winbind stuff
winbind separator = +
winbind cache = 10
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/false
template homedir = /home/$D/$U

security = domain
password server = *
encrypt passwords = yes

	comment = Temporary file space
	path = /tmp
	read only = no
	public = yes

	comment = none
	path = /shares/test
	valid users = TESTDOM+larry,TESTDOM+administrator
	public = yes
	writable = yes

I created a file called "samba" in the /etc/pam.d/ dir
which contains the following lines:

auth	required	/lib/security/pam_securetty
auth	required	/lib/security/
auth	sufficient	/lib/security/
auth	required	/lib/security/ use_first_pass
shadow nullok
account	required	/lib/security/

I am ONLY concerned with users being able to access the
samba shares.  I don't want them to be able to login or
ftp to the samba box.  If anyone here can help me out
with this one i would really appreciate it.  If any
more info is required, please don't hesitate to ask.


To unsubscribe from this list go to the following URL and read the

More information about the samba mailing list