[Samba] Accessin Samba Share from NT 4 Client security = domain
kidlark
samba at kidlark.de
Fri Dec 5 14:20:48 GMT 2003
Hi group,
I´m trying to access a share on a samba 3.0.0.2 Server
winbind works,
wbinfo -g, wbinfo -u, getent passwd, getent group show nt users and nt
groups
user domain+tester is member in group domain+EDV
tail -f /var/samba/log.winbind
...
[2003/12/05 14:12:36, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[12808]: getpwnam domain+tester
[2003/12/05 14:12:36, 3] nsswitch/winbindd_rpc.c:name_to_sid(272)
rpc: name_to_sid name=tester
[2003/12/05 14:12:36, 3] nsswitch/winbindd_rpc.c:name_to_sid(281)
name_to_sid [rpc] tester for domain domain
[2003/12/05 14:12:36, 5] nsswitch/winbindd.c:winbind_client_read(462)
read failed on sock 20, pid 12808: EOF
tail -f /var/log/samba/log.computername
....
smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting User
domain+tester
ls -aln shows this,
rrdebian01:/var/freigaben# ls -aln
total 20
drwxr-xr-x 5 0 0 4096 Dec 5 10:34 .
drwxr-xr-x 17 0 0 4096 Oct 16 16:44 ..
drwxr-xr-x 2 15098 15021 4096 Dec 5 10:40 edv
getent group |grep edv
DOMAIN+EDV:x:15021:DOMAIN+tester,DOMAIN+XYZ
getent üasswd | grep tester
DOMAIN+tester:x:15098:15000::/home/DOMAIN/tester:/bin/false
Share Definition from smb.conf
[EDV]
comment = Testfreigabe NT Rechte unter Linux
path = /var/freigaben/edv
writeable = yes
public = no
valid users = @DOMAIN+edv
Winbind Def in smb.conf
log level = 1 passdb:1 auth:1 winbind:5
winbind separator =+
winbind uid = 15000-20000
winbind gid = 15000-26500
winbind cache time = 10
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/false
security = domain
encrypt passwords = true
passdb backend = tdbsam guest
obey pam restrictions = yes
; guest account = nobody
invalid users = root
Now why is User DOMAIN+tester not able to access the share ?
Thanks
Georg
More information about the samba
mailing list