[Samba] Samba - User Authentication
Board, Clint
cboard at ufsonline.com
Wed Apr 30 14:58:36 GMT 2003
Leonard,
Here are the preliminary steps i went through to setup RedHat9, running
Samba 3.0 23alpha-1 as a domain member:
Downloaded the Samba SRPM and did a build
installed my new build
smb.conf changes:
security = DOMAIN
workgroup = DOM
password server = *
wins server = xxx.xxx.xxx.xxx
hosts allow = xxx.xxx.xxx. 127.
I would run testparm just to make sure my smb.conf is not broken.
Created computer account on the domain through server manager
Join the domain
root#net join -S DOMPDC -U 'DOM\Administrator%password'
As long as this returns "Joined domain DOM" or some other success message
you are good to go.
At this point your samba server is setup as a domain member, if you are not
concerned about using domain level users and groups for permissions you
don't need to go any further.
Next i added the winbind configuration to the smb.conf
winbind uid = 10000-20000
winbind gid = 10000-20000
template homedir = /home/winnt/%D/%U
template shell = /bin/bash
I would run testparm just to make sure my smb.conf is not broken again.
Start samba and winbind and make sure they are both running.
Test to see if the machine account on the domain is valid.
root#wbinfo -t
Test to see if you can authenticate on the domain from winbind.
root#wbinfo -a 'DOM\user%password'
Set the account that winbind will use to retrieve user and group
information. This needs to be the domain administrator account or an account
with domain admin rights.
root#wbinfo -A 'DOM\user%password'
Test to see if it is working.
root#wbinfo -u
You should see a list of users from the domain :)
Let me know if you have questions or if you get to a point of failure. I
definatly want to know the outcome if it is successful.
-----Original Message-----
From: Leonardo Rodríguez [mailto:leonardorleon at cantv.net]
Sent: Tuesday, April 29, 2003 5:16 PM
To: cboard at ufsonline.com
Cc: samba at lists.samba.org; radkins at impelind.com
Subject: RE: [Samba] Samba - User Authentication
Hi Clint,
Yes I did. I went throught that manual but without any success. If you
might tell me what you did to figure this problem out I will appriciate it.
In fact what I am doing is not a test enviroment because if it were I won't
be so worry about it.
Thanks Once Again
Leonardo
----------- Mensaje Original --------------
De: Board, Clint [cboard at ufsonline.com]
Para: leonardorleon at cantv.net [leonardorleon at cantv.net],
samba at lists.samba.org [samba at lists.samba.org], radkins at impelind.com
[radkins at impelind.com]
Cc:
Asunto: RE: [Samba] Samba - User Authentication
Fecha: 29/04/2003 17:17:03
Mensaje:
Leonard,
Did you go though the PDF document that John sent you the link to a couple
days ago?
http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.pdf
I finally worked through getting this setup on my NT4.0 domain and have it
working great. There are a couple things that will very from the
documentation in the PDF. If you have a test environment, i can wall you
through the procedures that i used to set it up.
-----Original Message-----
From: Leonardo Rodríguez [mailto:leonardorleon at cantv.net]
Sent: Tuesday, April 29, 2003 4:11 PM
To: samba at lists.samba.org; radkins at impelind.com
Subject: [Samba] Samba - User Authentication
Hi Robert and List,
As you told me I upgrated to Samba 2.2.5 because I'm doing the test with a
machine which has RedHat 8.0 and this RedHat version comes with it....
Anyway.....
So I made the procedure step by step but I haven't found how to make my
Windows 2000 users (PDC) can access the Linux shared folder and this is
what I've done:
My smb.conf looks like this:
[global]
workgroup = MCSE
server string = Samba Server Laboratorio CUS
netbios name = redhatcus
log file = /var/log/samba/%m.log
max log size = 0
security = domain
password server = win2k1
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
[Test]
comment = Shared Folder
path = /Test
writable = yes
printable = no
-----------------------------------
After this I added the linux machine with its netbios name (redhatcus) in
the Windows 2000 machine (PDC) then I returned to Linux and I ran this
command:
smbpasswd -r MCSE -j win2k1
It joined without any problem and I executed this command with different
users (users registered in the PDC):
[root at redhatcus /]# smbclient -L redhatcus -U administrator
added interface ip=9.177.4.156 bcast=9.255.255.255 nmask=255.0.0.0
Password:
Domain=[MCSE] OS=[Unix] Server=[Samba 2.2.5]
Sharename Type Comment
--------- ---- -------
Test Disk Shared Folder
IPC$ IPC IPC Service (Samba Server Laboratorio CUS)
ADMIN$ Disk IPC Service (Samba Server Laboratorio CUS)
Server Comment
--------- -------
REDHATCUS Samba Server Laboratorio CUS
Workgroup Master
--------- -------
MCSE REDHATCUS
[root at redhatcus /]#
But when I try to access the Test folder from Windows 2000 (PDC) using the
Windows users it fails... it says incorrect password or unknown username.
It makes me think that it's not an upgrade problem and it's a configuration
problem instead but I'm not quite sure about this so I wrote this 'cause
you are the experts on samba and I really need your help......
Did I miss something in the smb.conf file?
Do I have to do something else with my smbpasswd file or my smbusers file?
or maybe my passwd command or my smbadduser command?
The matter of all this is that I wouldn't like to have to create each one
of the Windows users in the Linux machine... it wouldn't be reasonable...
So I'll be here waiting for your help :-)
Thanks in advance
Leonardo
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list