[Samba] Authenticating against a Windows 2000 DC?
Frank Matthieß
frankm at lug-owl.de
Sun Jan 5 12:08:01 GMT 2003
At 5.01.2003 on 4:29 CET +0100, wrote Chris Palmer:
> > From: Daniel Wittenberg [mailto:daniel-wittenberg at uiowa.edu]
>
> > I don't have a url handy at the moment, but you want to look at using
> > winbind, it'll do what you're looking for.
>
> Thanks for the clue. :)
>
> I found documentation for it at http://myserver:901/swat/help/winbindd.8.html. I followed the directions there to the letter, although I only changed /etc/pam.d/samba, none of the others. (Should I change any of the others?)
"Samba-HOWTO-Collection" Page 73.
>
> However, "getent passwd" and "getent group" show only the contents of my /etc/passwd and /etc/group, and not the stuff from my Windows domain. Also, I cannot log into SWAT anymore (!) -- although I can mount Samba shares on my Windows workstation using my Linux username and password (but not my Windows username/password).
>
> So clearly I'm missing some critical step.
>
> winbindd, smbd and nmbd are all running. My /etc/nsswitch.conf is as follows:
[...]
Seems to be correct.
> Here is /etc/pam.d/samba:
[...]
Seems to be correct.
>
> And the [global] section of /etc/samba/smb.conf:
[...]
Seems to be correct.
> Does anyone have any idea what I'm missing? Thanks in advance, again.
Does your samba server DEV hav a machineaccount in domain?
You have joined samba to the domain?
For "special user" you have setup a usetr mapping windows names <-> unix
names?
man smb.conf:
username map (G)
This option allows you to specify a file containing a mapping of
usernames from the clients to the server. This can be used for
[...]
You can map Windows usernames that have spaces in them by using
double quotes around the name. For example:
tridge = "Andrew Tridgell"
would map the windows username "Andrew Tridgell" to the unix
username "tridge".
[...]
With regards
Frank Matthieß.
--
Frank Matthieß frankm at lug-owl.de
More information about the samba
mailing list