[Samba] Winbind and Windows 2000

Buchan Milne bgmilne at cae.co.za
Thu Jul 4 03:49:02 GMT 2002


> Message: 6
> From: Hasch at t-online.de (Juergen Hasch)
> Reply-To: hasch at t-online.de
> To: Thomas Stegbauer <tsmailing at tronicplanet.de>,
> 	Brad Richins <BRichins at lopezgarciagroup.com>
> Subject: Re: [Samba] Winbind and Windows 2000
> Date: Wed, 3 Jul 2002 20:53:16 +0200
> Cc: samba at lists.samba.org
> 
> Am Mittwoch, 3. Juli 2002 10:14 schrieb Thomas Stegbauer:
> 
>> Brad Richins schrieb:
>> | I am trying to used Winbind to retrieve user accounts from a Windows
>> | 2000 native domain to no avail.  It would appear as though Winbind uses
>> | an anonymous connection for communication and my Windows 2000 domain is
>> | denying anonymous access.  Does anyone know how to winbind to use a user
>> | account or how to set a Win2K Domain to allow anonymous connection after
>> | it has been switched to ÿNative Modeÿ  I have already checked the
>> | registry on my Domain controller at
>>
>> //HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/control/Lsa/restrictanonymous
>>.
>>
>> | This is in reference to a previous unanswered question where I posted my
>> | smb.conf and winbindd debug output:
>> | http://marc.theaimsgroup.com/?l=samba&m=102546714116241&w=2
>> | <http://marc.theaimsgroup.com/?l=samba&m=102546714116241&w=2>
>> |
>> |
>> |
>> | Any help is appreciated.
>>
>> hi brad,
>>
>> i have the exactly same problem. i am not 100% sure, but can it be that
>> for this active directory support must be given? so samba 3.0 is needed?
>>
>> greetings
>> thomas
> 
> 
> You can set a user for winbind to authenticate with: 
> 	wbinfo -A user%password


But shouldn't winbind set this up to use the machine account? Or how is 
this supposed to work? Does it need a user account?

We are looking at streamlining the process of joining winbind machines, 
and potential clients are very averse to enabling pre-Windows-2000 
compatible access.

Or should we just have a wrapper around smbpasswd -j which grabs the 
username and password of a domain admin account, and uses that for 
wbinfo -A. Only problem is that this wouldn't work for pre-made machine 
accounts ....

Buchan

-- 
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7





More information about the samba mailing list