[Samba] Winbind groups & Samba 3beta3
Lahners, Jeremy
jlahners at schemmer.com
Fri Jul 25 15:46:50 GMT 2003
I am having a problem with the "valid users" directive on two of my shares. By viewing my logs, it appears winbind is failing even though my username and password are correct. Any help on this would be greatly appreciated... below are my smb.conf and the tail of my log.winbind. Thanks!
# Samba config file created using SWAT
# from 192.168.100.93 (192.168.100.93)
# Date: 2003/07/21 13:05:48
# Global parameters
[global]
workgroup = SCHEMMER
realm = SCHEMMER.COM
server string = File Server
security = ADS
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = No
domain master = No
dns proxy = No
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind use default domain = Yes
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[Projects]
comment = All Project Files
path = /shares/projects
read only = No
create mask = 0777
[Accounting]
comment = Accounting Files
path = /shares/acct
valid users = @"Domain Admins", @"SCHEMMER\Department Accounting"
read only = No
create mask = 0777
[HR]
comment = Human Resources Files
path = /shares/hr
read only = No
create mask = 0777
valid users = @"Domain Admins", @"Department HR"
[Proposals]
comment = All Proposal Files
path = /shares/proposals
read only = No
create mask = 0777
[2003/07/25 10:47:05, 5] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(422)
NTLM CRAP authentication for user [SCHEMMER]\[smicheels] returned NT_STATUS_OK (PAM: 0)
[2003/07/25 10:47:05, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
[ 4075]: getpwnam schemmer\smicheels
[2003/07/25 10:47:05, 3] nsswitch/winbindd_ads.c:name_to_sid(321)
ads: name_to_sid
[2003/07/25 10:47:05, 5] libads/ldap_utils.c:ads_do_search_retry(52)
Search for (|(sAMAccountName=smicheels)(userPrincipalName=smicheels at SCHEMMER.COM)) gave 1 replies
[2003/07/25 10:47:05, 3] libads/ads_ldap.c:ads_name_to_sid(82)
ads name_to_sid mapped smicheels
[2003/07/25 10:47:05, 3] nsswitch/winbindd_sid.c:winbindd_gid_to_sid(225)
[ 4075]: gid to sid 10001
[2003/07/25 10:47:05, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(236)
[ 4075]: getgrnam Domain Admins
[2003/07/25 10:47:05, 3] nsswitch/winbindd_ads.c:name_to_sid(321)
ads: name_to_sid
[2003/07/25 10:47:05, 5] libads/ldap_utils.c:ads_do_search_retry(52)
Search for (|(sAMAccountName=Domain Admins)(userPrincipalName=Domain Admins at SCHEMMER.COM)) gave 1 replies
[2003/07/25 10:47:05, 3] libads/ads_ldap.c:ads_name_to_sid(82)
ads name_to_sid mapped Domain Admins
[2003/07/25 10:47:05, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(236)
[ 4075]: getgrnam SCHEMMER\Department Accounting
[2003/07/25 10:47:05, 3] nsswitch/winbindd_ads.c:name_to_sid(321)
ads: name_to_sid
[2003/07/25 10:47:05, 5] libads/ldap_utils.c:ads_do_search_retry(52)
Search for (|(sAMAccountName=Department Accounting)(userPrincipalName=Department Accounting at SCHEMMER.COM)) gave 1 replies
[2003/07/25 10:47:05, 3] libads/ads_ldap.c:ads_name_to_sid(82)
ads name_to_sid mapped Department Accounting
[2003/07/25 10:47:16, 5] nsswitch/winbindd.c:winbind_client_read(476)
read failed on sock 22, pid 4075: EOF
Jeremy Lahners
jlahners at schemmer.com
Manager, Information Technology
The Schemmer Associates Inc.
(402) 493-4800 - Voice
(402) 493-7951 - Fax
More information about the samba
mailing list