[Samba] Winbind Auth with 2K ADS Domain Problems

jens at groh.to jens at groh.to
Thu Aug 22 13:59:01 GMT 2002


Hi there,

I'm not that new in Samba, just paused a little while ;) My actual problem is, that I try to setup a FreeBSD Samba Server who should control share access with authenticating users in a win2k ads domain. The 2K Domain is setup correctly (I think so). Now I created three test shares on the samba server after setting up smbb, nmbd and winbindd. Problem now is any time I try accessing one of the shares, I get a permission denied from any 2k or XP Workstation. Even tried the server but the same problem. If I enter root/pass in the appearing dialog, access is granted as root, but not one of the domain user or the administrator can login. If I put a domain user in the master.passwd manually (tried it with the "Administrator" account") everything works as expected. Why isn't winbindd authenticating my users correctly?

Another thing is, that if I authenticate now as root or Administrator a new share with the name of the entered user appears with the basedir set to the defined /homes dir. Why?

wbinfo -t shows: "Secret is good"
wbinfo -u shows all users which reside in the Domain Datahaven. But I wonder why they are listed as:

user1
user2
etc

instead of:

Datahaven+user1
Datahaven+user2
etc

Here's my smbd.conf:

# Global parameters
[global]
        workgroup = DATAHAVEN
        netbios name = MORGANA
        security = DOMAIN
        encrypt passwords = Yes
        null passwords = Yes
        min passwd length = 0
        password server = *
        log level = 3
        log file = /var/log/log.%m
        max log size = 50
        name resolve order = host lmhosts wins bcast
        load printers = No
        local master = No
        domain master = False
        dns proxy = No
        valid chars = - _
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        template homedir = /data120/home/%U
        winbind use default domain = Yes
        winbind separator = +
        hosts allow = 10.2.0.

[homes]
        comment = Home
        path = /data120/home
        read only = No

[test]
        comment = Testing
        path = /data120/test
        valid users = root Administrator Datahaven\Administrator
        read only = No

[Download]
        comment = Test share to /data80
        path = /data80
        read only = No

---

and in my /etc/nsswitch.conf I entered:

passwd: files winbind
group: files winbind

---

Another thing is that in my FreeBSD installation there is no /lib so i copied the files in /usr/lib (where I found the other .so's).

I would have tried it on Linux but there were extreme problems with my hardware and BSD installed in half an hour correctly ;))

Would be very nice if any of you gurus could solve one of the problems!!

(I know, best way is to kick the 2K Server to trash ;))


Greets,

Jens




More information about the samba mailing list