[Samba] solaris/2.2.2 authentication against NT domain (ie. r
oot canal)
Javid Abdul-AJAVID1
AJAVID1 at motorola.com
Wed Sep 25 21:03:00 GMT 2002
why do you have smbpasswd file, when you are in domain mode?
-----Original Message-----
From: AMueller at YesVirginia.org [mailto:AMueller at YesVirginia.org]
Sent: Wednesday, September 25, 2002 3:07 PM
To: samba at lists.samba.org
Subject: [Samba] solaris/2.2.2 authentication against NT domain (ie.
root canal)
Greetings,
This is my first post (hopefully not too newbie for this group). Thank you
in advance to anyone who feels compelled to help. I'm trying to get a copy
of Samba 2.2.2 running on Solaris 9 to authenticate against an NT domain. I
have successfully done this on a Redhat 7.2 box which is running Samba 2.2.4
on the same domain. As best as I can tell, the configurations of these
sambas seem the same but something must be wrong. I can successfully add
the box to the domain and access it fine using 'share' authentication but
when I try to use 'domain' authentication, I get "Incorrect password or
unknown username" and the following is generated in log.smbd....
[2002/09/25 15:54:04, 0] smbd/password.c:domain_client_validate(1554)
domain_client_validate: could not fetch trust account password for domain
DOMAINP
[2002/09/25 15:54:04, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(171)
startsmbfilepwent_internal: unable to open file
/usr/local/samba/private/smbpasswd.
Error was No such file or directory
[2002/09/25 15:54:04, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1368)
unable to open passdb database.
[2002/09/25 15:54:04, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(171)
startsmbfilepwent_internal: unable to open file
/usr/local/samba/private/smbpasswd.
Error was No such file or directory
[2002/09/25 15:54:04, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1368)
unable to open passdb database.
My username map file is essentially...
!root = me
nobody = *
...and here's my configuration...
# Global parameters
[global]
coding system =
client code page = 850
code page directory = /usr/local/samba/lib/codepages
workgroup = DOMAINNAME
netbios name = BOXNAME
netbios aliases =
netbios scope =
server string = Samba 2.2.2
interfaces =
bind interfaces only = No
security = DOMAIN
encrypt passwords = Yes
update encrypted = Yes
allow trusted domains = Yes
hosts equiv =
min passwd length = 5
map to guest = Never
null passwords = No
obey pam restrictions = No
password server = server1 server2 server3
smb passwd file = /usr/local/samba/private/smbpasswd
root directory =
pam password change = No
passwd program =
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = No
username map = /etc/usernamemap
password level = 0
username level = 0
unix password sync = No
restrict anonymous = No
lanman auth = Yes
use rhosts = No
log level = 0
syslog = 1
syslog only = No
log file =
max log size = 5000
timestamp logs = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
protocol = NT1
large readwrite = No
max protocol = NT1
min protocol = CORE
read bmpx = No
read raw = Yes
write raw = Yes
nt smb support = Yes
nt pipe support = Yes
announce version = 4.5
announce as = NT
max mux = 50
max xmit = 65535
name resolve order = lmhosts host wins bcast
max packet = 65535
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max smbd processes = 0
max disk size = 0
max open files = 10000
read size = 16384
socket options = TCP_NODELAY
stat cache size = 50
use mmap = Yes
total print jobs = 0
load printers = Yes
printcap name = lpstat
disable spoolss = No
enumports command =
addprinter command =
deleteprinter command =
show add printer wizard = Yes
os2 driver map =
strip dot = No
character set =
mangled stack = 50
stat cache = Yes
domain admin group =
domain guest group =
machine password timeout = 604800
add user script =
delete user script =
logon script =
logon path = \\%N\%U\profile
logon drive =
logon home = \\%N\%U
domain logons = No
os level = 20
lm announce = Auto
lm interval = 60
preferred master = Auto
local master = Yes
domain master = Auto
browse list = Yes
enhanced browsing = Yes
dns proxy = Yes
wins proxy = No
wins server = 172.16.10.5
wins support = No
wins hook =
kernel oplocks = Yes
oplock break wait time = 0
add share command =
change share command =
delete share command =
config file =
preload =
lock dir = /usr/local/samba/var/locks
default service =
message command =
dfree command =
valid chars =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map =
time offset = 0
NIS homedir = No
source environment =
panic action =
hide local users = No
host msdfs = No
winbind uid =
winbind gid =
template homedir = /home/%D/%U
template shell = /bin/false
winbind separator = \
winbind cache time = 15
winbind enum users = Yes
winbind enum groups = Yes
comment =
path =
alternate permissions = No
username =
guest account = nobody
invalid users =
valid users =
admin users =
read list =
write list =
printer admin =
force user =
force group =
read only = Yes
create mask = 0744
force create mode = 00
security mask = 0777
force security mode = 00
directory mask = 0755
force directory mode = 00
directory security mask = 0777
force directory security mode = 00
inherit permissions = No
guest only = No
guest ok = No
only user = No
hosts allow = 172.
hosts deny =
status = Yes
nt acl support = Yes
max connections = 0
min print space = 0
strict allocate = No
strict sync = No
sync always = No
write cache size = 0
max print jobs = 1000
printable = No
postscript = No
printing = sysv
print command = lp -c -d%p %s; rm %s
lpq command = lpstat -o%p
lprm command = cancel %p-%j
lppause command = lp -i %p-%j -H hold
lpresume command = lp -i %p-%j -H resume
queuepause command = disable %p
queueresume command = enable %p
printer name =
use client driver = No
printer driver =
printer driver file = /usr/local/samba/lib/printers.def
printer driver location =
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
hide unreadable = No
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
browseable = Yes
blocking locks = Yes
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = Yes
oplock contention limit = 2
posix locking = Yes
strict locking = No
copy =
include =
exec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filemode = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
vfs object =
vfs options =
msdfs root = No
[scratch]
path = /stripe_vol
read only = No
guest ok = Yes
Aric Mueller
Senior GIS Specialist
Virginia Economic Development Partnership
901 E. Byrd Street
Richmond, VA 23219
804-371-0409
amueller at yesvirginia.org
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list