[Samba] Winbind / AD

KaiserM at Gendorf.de KaiserM at Gendorf.de
Fri Feb 21 08:48:04 GMT 2003 

Hello,

type the winbindoptions in the [global] section.

[global]
winbind uid = 10000-20000
winbind gid = 10000-20000 
winbind use default domain = yes
.
.
.

I think this is the fault.

Mit freundlichen Grüßen
Kaiser MIchael


> -----Original Message-----
> From: Esler, Joel Contractor [mailto:EslerJ at RCERT-S.ARMY.MIL] 
> Sent: Thursday, February 20, 2003 5:02 PM
> To: samba at lists.samba.org
> Subject: [Samba] Winbind / AD
> 
> 
> AD W2K -- Native mode.
> Samba 2.2.5 -- Redhat 8.0
> 
> Attempting to authenticate the login with the Domain 
> Controller.  I can log into the Redhat box locally, and 
> browse around the domain with LinNeighborhood.  However,  
> this is what I want.
> 
> When a person boots RH 8.0, they get the login prompt.  When 
> they type in their login and password at the inital login I 
> want it to be able to sync with the Domain Controller to see 
> if A) they are allowed to login to the domain, B) Password is 
> right, current, C) see if their account is locked... etc etc...
> 
> I am assuming this is done through LDAP and Kerberos 
> authentication with the Domain Controller, however, I am 
> getting errors.  Pasted here is a copy of the error message I 
> am receiving:
> 
> [2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
>   Global parameter winbind separator found in service 
> section! [2003/02/20 04:32:36, 0] 
> param/loadparm.c:lp_do_parameter(2763)
>   Global parameter winbind uid found in service section! 
> [2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
>   Global parameter winbind gid found in service section! 
> [2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
>   Global parameter winbind enum users found in service 
> section! [2003/02/20 04:32:36, 0] 
> param/loadparm.c:lp_do_parameter(2763)
>   Global parameter winbind enum groups found in service 
> section! [2003/02/20 04:32:36, 0] 
> param/loadparm.c:lp_do_parameter(2763)
>   Global parameter template shell found in service section! 
> [2003/02/20 04:32:36, 0] param/loadparm.c:lp_do_parameter(2763)
>   Global parameter winbind use default domain found in 
> service section! [2003/02/20 04:32:36, 0] 
> nsswitch/winbindd_util.c:winbindd_param_init(326)
>   winbind uid range missing or invalid
> 
> Here is a copy of my smb.conf
> 
>  workgroup = S-TNOSC
>  server string = 
>  log file = /var/log/samba/%m.log
>  max log size = 0
>  security = domain
>  password server = *
>  encrypt passwords = yes
>  smb passwd file = /etc/samba/smbpasswd
>  unix password sync = Yes
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
>  pam password change = yes
>  obey pam restrictions = yes
>  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192  
> local master = no  dns proxy = no 
>  [homes]
>    comment = Home Directories
>    browseable = no
>    writable = yes
>    valid users = %S
>    create mode = 0664
>    directory mode = 0775
>     winbind separator = +
>    winbind uid = 10000-20000
>    winbind gid = 10000-20000 
>    winbind enum users = yes
>    winbind enum groups = yes
>    template shell = /bin/bash
>    winbind use default domain = yes
> 
> Please get back to me with any advice.
>  
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list