[Samba] authentication question: NT4 PDC, Win2k clients
Bill Earl
bearl at bestbill.com
Mon Dec 30 20:19:01 GMT 2002
Hello everyone!
I'm having a strange issue with Samba. Here's the setup:
WindowsNT 4 PDC
Windows 2000 clients.
Samba 2.2.7 on a Mandrake 9 system that has successfully joined the domain and is visible when the client systems browse the network. (config files and error log samples below)
The problem is getting the Win2k clients to authenticate when they try to connect to shares that aren't open to everyone. The Samba machine does appear to be communicating with the NT4 PDC, but it appears that the clients are sending a user name with the domain name added to the front of the actual user name (or Samba is sending it that way to the PDC anyway). So if there's a user named "bearl" in the domain "pc-alpha," the Samba system is checking with the domain controller for a user named "pc-alphabearl" and the PDC correctly replies that there is no user by that name.
Does anyone have any suggestions for what could be causing this and how to fix it?
Thanks very much!
Bill
<error recorded in /var/log/messages>
Dec 30 13:31:38 dganger rmbd[2314]: domain_client_validate: unable to validate password for user pc-alphabearl in domain PC-ALPHA to Domain controller *. Error was NT_STATUS_NO_SUCH_USER.
<smb.conf file>
[global]
workgroup = PC-ALPHA
netbios name = DGANGER
server string = Samba Server %v
security = DOMAIN
encrypt passwords = Yes
password server = *
pam password change = Yes
add user script = /usr/sbin/useradd -s /sbin/false %u
log file = /var/log/samba/log.%m
max log size = 150
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = lpstat
local master = No
dns proxy = No
remote announce = 192.168.1.255
winbind separator = +
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = Yes
printing = cups
[SharedVolume]
comment = Main file share
path = /storage/sharedvolume
public = Yes
writable = Yes
guest ok = Yes
printable = No
hide dot files = Yes
browseable = Yes
[bill]
comment = Test folder for Bill
path = /storage/bill
valid users = bearl
public = No
writeable = Yes
printable = No
hide dot files = No
browseable = Yes
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the samba
mailing list