[Samba] Re: Please assist with Winbind issues!

SRuth at LANDAM.com SRuth at LANDAM.com
Thu Oct 10 15:50:01 GMT 2002


I think my typo may have been the problem after all.  Doh! 

It seems to be working properly now.

A couple of additional things I've noticed:

'obey pam restrictions' must be set to yes to get the pam_mkhomedir module to do its job.

The homes share must have /home/%D as the path.  /home/%D/%U, and blank does not work.  This connects the user to a share named after the login ID, but double-clicking that share shows all of the folders in the /home/%D path rather than just the contents of the user's folder.  Which makes sense, but why doesn't /home/%D/%U or a blank entry work?

Thanks to everyone for your assistance.

More questions to come, I'm sure.  :-)


-----Original Message-----
From: John H. Reinhardt [mailto:johnhreinhardt at yahoo.com]
Sent: Wednesday, October 09, 2002 7:25 AM
To: samba at lists.samba.org
Cc: SRuth at LANDAM.com
Subject: Re: [Samba] Please assist with Winbind issues!


    Being somewhat of a newbie, I cannot comment on everything that you've 
included here with authority, but I did notice a typographic error in the 
pam_winbind.so line for PAM account checking in your 
"/etc/pam.d/system-auth" file.  It's pointed out below.  Seems like that 
could be the problem since you can authenticate, but just not with the 
correct account.

    John Reinhardt

>Message: 14
>From: SRuth at LANDAM.com
>To: samba at lists.samba.org
>Date: Tue, 8 Oct 2002 17:29:23 -0400
>Subject: [Samba] Please assist with Winbind issues!


>Here is my /etc/pam.d/system-auth
>auth        required      /lib/security/pam_env.so
>auth        sufficient    /lib/security/pam_winbind.so
>auth        sufficient    /lib/security/pam_unix.so likeauth nullok 
>auth        required      /lib/security/pam_deny.so
>account     sufficient    /lib/secutiry/pam_winbind.so

                                     ^^^ <== Typo here...

>account     required      /lib/security/pam_unix.so
>password    required      /lib/security/pam_cracklib.so retry=3
>password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5 
>password    required      /lib/security/pam_deny.so
>session     required      /lib/security/pam_mkhomedir.so skel=/etc/skel/ 
>session     required      /lib/security/pam_limits.so
>session     required      /lib/security/pam_unix.so
>Here is my /etc/samba/smb.conf:
>         workgroup = CHICAGO
>         netbios name = SILCHRS03
>         server string =
>         security = DOMAIN
>         encrypt passwords = Yes
>         password server = *
>         log level = 3
>         log file = /var/log/samba/log.%m
>         max log size = 50
>         large readwrite = Yes
>         name resolve order = host wins bcast
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         load printers = No
>         preferred master = False
>         local master = No
>         domain master = False
>         dns proxy = No
>         wins server = 172.30.XXX.XXX
>         winbind uid = 10000-50000
>         winbind gid = 10000-50000
>         template shell = /bin/bash
>         guest account = ftp
>         invalid users = root bin daemon adm sync shutdown halt mail news 
> uucp operator gopher
>         printer admin = +PrinterAdmins
>         nt acl support = No
>         printing = cups
>         comment = Home Directories
>         read only = No
>         browseable = No
>         comment = All Printers
>         path = /var/spool/samba
>         printable = Yes
>         browseable = No
>I really want this to work, so any help is appreciated.
>Please include my e-mail address in any replies.
>Thank you!

More information about the samba mailing list