[Samba] Winbind & Samba 2.2.7a on FreeBSD

Wolfram A. Kraushaar w_k at gmx.net
Fri Jan 3 06:12:01 GMT 2003

Hello all,

I've got a weird problem with a fresh install of Samba
from the FreeBSD ports collection (btw. the BSD-box is
also a fresh 4.7 Stable install).

Configured Samba 2.2.7a
- without cups
- with winbind
- with winbind-auth
- with audit
so far, the installation seemed to work fine...

Then I copied the libnss_winbind.so to /usr/lib
and softlinked it to /usr/local/lib as well as
to the other files mentioned in the howto (with 
the .so.1 and .so.2 endings). FreeBSD has no /lib 
directory, so I used the ones below /usr and /usr/local.

I left out the pam step because I just want to provide
the file-serving capabilities of samba to the clients
(hope this is correct - this is my first time playing around 
with winbind because I'm bored with syncronizing NT&Unix 

Then, I joined the domain with
smbpasswd -j MYDOM -r NT4PDC -U Administrator (supplied the 
correct password) and got the success message.

The wbinfo otions -u, -g, -t, -a (challenge/response & plaintext)
do all work fine.
But when I want to connect from a w2ksp2-machine to Samba, it doesn't
seem to hand over the provided user credentials to winbindd (same with
smbclient on localhost).

So here are some questions:
- I don't need the pam configuration if I don't want other services to 
  be authenticated with winbind, do I?
- I don't need more winbind uid's and gid's than Users and Groups on 
  the PDC?
- If I enable the "winbind use default domain" option, I don't need to
  add the NT-Domainname to the Usernames in valid/admin users, do I?
- Which is a good loglevel to see where the authentication fails?
- Any other hints from more experienced samba/winbind/freebsd(non-linux)
  users (maybe you have a look at my smb.conf below)?

btw here's my smb.conf:

	workgroup = MYDOM
	netbios name = FOO
	interfaces = xl0
	bind interfaces only = Yes
	security = DOMAIN
	encrypt passwords = Yes
	update encrypted = Yes
	password server = NT4PDC, NT4BDC
	wins server = NT4PDC
	winbind uid = 15000-15050
	winbind gid = 15000-15050
	template shell = /sbin/nologin
	winbind separator = +
	winbind cache time = 5
	winbind use default domain = Yes

	path = /
	valid users = Admin1, Admin2
	admin users = Admin1, Admin2
	read only = No

	path = /raid
	valid users = Admin1, Admin2
	admin users = Admin1, Admin2
	read only = No

any hints?
would be great ;-)

More information about the samba mailing list