[Samba] Problem with winbind in Win2k domain

Matt Butt mattb at cre8tiv.com
Sat May 25 08:17:02 GMT 2002 

I've been trying to setup a Samba file server on our Win2k domain that
will use the users/groups from Win2k using Winbind.

I have been quite successful so far but have come up against a problem.

This is what I've done so far:

	- Download 2.2.4, compiled and installed fine
	- Setup winbind & added the server to the domain.  All works
fine (I ca list users, groups etc)
	- Setup samba to be on the domain (smb.conf is below)
	- Setup a directory that is shared by samba (smb.conf below).

The problem is that I can happily view the share from a machine on the
domain, but I can't write to it (create files, directories or change any
permissions).  I've tried from an XP Pro and 2K Pro client with the same
behaviour.  If I run smbstatus I can see that it knows I've logged in
under the domain username and gives my primary group.  I've tried
setting the directory on Linux with the owner/group that smbstatus
returns but that makes no difference.  I've also tried permissions as
777.  I've also tried setting the "valid users" setting on the share to
either my username, group or neither and again the same "access denied"
problem.  If I view permissions on the share or contained files I can
see that both my username & group have full permissions.

The only error that I'm getting in the log (log.machinename) is:

	[2002/05/25 16:48:27, 0] smbd/service.c:make_connection(251)
	  dually (10.0.1.242) couldn't find service ilkof

The odd thing is that the share is called "ilkoff" but the final letter
is being missed off.  Is this just a logging problem or could this be a
bug in Samba/Winbind?

If anyone has any suggestions/pointers please let me know because I'm so
close to getting the whole thing working!!!

Cheers...


Smb.conf:

[global]
 workgroup = ilkley
 netbios name = test
 server string = Samba test server
 security = DOMAIN
 encrypt passwords = Yes
 log file = /usr/local/samba/var/log.%m
 max log size = 50
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 dns proxy = No
 password server = *

 winbind separator = +
 winbind uid = 10000-20000
 winbind gid = 10000-20000
 winbind enum users = yes
 winbind enum groups = yes

[ilkoff]
        comment = Ilkley Office stuff
        path = /shares/ilkoffice
#       valid users = @ILKLEY+Domain Users	# Tried different
combinations, all fail




(NB: the "valid users" line works fine with that space in - I had to
modify the list separators in the user_in_list function so this is
possible!)

More information about the samba mailing list