[Samba] Winbind / AD

Esler, Joel Contractor EslerJ at RCERT-S.ARMY.MIL
Thu Feb 20 16:01:45 GMT 2003 

AD W2K -- Native mode.
Samba 2.2.5 -- Redhat 8.0

Attempting to authenticate the login with the Domain Controller.  I can log
into the Redhat box locally, and browse around the domain with
LinNeighborhood.  However,  this is what I want.

When a person boots RH 8.0, they get the login prompt.  When they type in
their login and password at the inital login I want it to be able to sync
with the Domain Controller to see if A) they are allowed to login to the
domain, B) Password is right, current, C) see if their account is locked...
etc etc...

I am assuming this is done through LDAP and Kerberos authentication with the
Domain Controller, however, I am getting errors.  Pasted here is a copy of
the error message I am receiving:

[2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
  Global parameter winbind separator found in service section!
[2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
  Global parameter winbind uid found in service section!
[2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
  Global parameter winbind gid found in service section!
[2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
  Global parameter winbind enum users found in service section!
[2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
  Global parameter winbind enum groups found in service section!
[2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
  Global parameter template shell found in service section!
[2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
  Global parameter winbind use default domain found in service section!
[2003/02/20 04:32:36, 0] nsswitch/winbindd_util.c:winbindd_param_init(326)
  winbind uid range missing or invalid

Here is a copy of my smb.conf

 workgroup = S-TNOSC
 server string = 
 log file = /var/log/samba/%m.log
 max log size = 0
 security = domain
 password server = *
 encrypt passwords = yes
 smb passwd file = /etc/samba/smbpasswd
 unix password sync = Yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
 pam password change = yes
 obey pam restrictions = yes
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 local master = no
 dns proxy = no 
 [homes]
   comment = Home Directories
   browseable = no
   writable = yes
   valid users = %S
   create mode = 0664
   directory mode = 0775
    winbind separator = +
   winbind uid = 10000-20000
   winbind gid = 10000-20000 
   winbind enum users = yes
   winbind enum groups = yes
   template shell = /bin/bash
   winbind use default domain = yes

Please get back to me with any advice.

More information about the samba mailing list