[Samba] I am at my wits end
ray.simard at sylvan-glade.com
Wed Dec 18 00:26:00 GMT 2002
On Tuesday 17 December 2002 15:42, Jason Kirschenmann wrote:
> I'm a relatively new Samba user and this is my problem. I have gone
> through all of the DIAGNOSIS.txt and only get errors in Test 8 and 9. They
> repeatedly give me the same error i get when i try and access my samba
> server and that is
> "The account is not authorized to log in from this station" My computer is
> part of a domain if you need to know that.
You have not yet joined the Samba machine to the domain, so the domain
controller doesn't know the machine yet. Here's what I understand you'll need
to do; others may have more to say on the subject:
1. Change "security = share" to "security = domain"
2. Add "password server = NNN" where NNN is the NetBIOS name
of the primary domain controller for your domain.
2. Use smbpasswd (as root) to add the machine to the domain. There are two
ways this is done:
a. If the computer's trust account is already set up on the domain
> smbpasswd -j DN
where DN is the name of the domain you're joining.
b. If the trust account is not set up on the PDC, do this:
> smbpasswd -j DN -U <username>
where <username> is a name authorized to add computers to the domain. If you
don't have such a username, you'll have to get a suitable admin to add the
trust account on the PDC and then do step a above.
Also, I suspect that you may want to review the security settings on your
machine. You have writable and public set to "yes" in the global section of
smb.conf. I'd set them to "no" and then override them to "yes" in the
sections for the individual services that require them.
If you allow public writing to a directory, consider setting the sticky bit
for the directory. (See chmod(1))
More information about the samba