[Samba] Winbind + ADS small issues
Jordan, Shane
sjordan at akili.com
Thu May 8 20:29:10 GMT 2003
Follow up:
Forgot to mention that when I do enable WORKGROUP = CORP the computer does
show up in network neighborhood...
-----Original Message-----
From: Jordan, Shane
Sent: Thursday, May 08, 2003 3:25 PM
To: 'samba at lists.samba.org'
Subject: [Samba] Winbind + ADS small issues
Ok guys after reading a ton of documentation etc I have finally got my Linux
machine to work in a ADS enviroment. I can actually go on a windows machine
type in \\linuxboxname and access shares on my Linux box.
First of all I joined the ADS correctly. wbinfo -u and -g show proper values
and everything works except my Linux computer does not show up in Network
Neighborhood on windows machines. Looking through ADS it does show as a
registered on the domain.
So I have no clue what is causing this. Here is my smb.conf file:
[global]
realm = CORP.DELINEA.COM
remote announce = 10.2.41.101
netbios name = DEMARC
# workgroup = CORP
ADS server = 10.2.20.4
server string = Linux File Server
security = ADS
preferred master = No
local master = No
domain master = No
wins server = 10.2.20.4
# ldap ssl = no
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%U
template shell = /bin/bash
winbind separator = +
winbind cache time = 10
winbind use default domain = No
encrypt passwords = yes
password server = 10.2.20.4
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[opt]
guest ok = no
read only = no
nt acl Supprt = yes
path = /opt
admin users = CORP+sjordan
[homes]
comment = Home Directories
read only = no
guest ok = no
nt acl Supprt = yes
admin users = CORP+sjordan
One thing you will notice is that i commented out the workgroup line. If I
enable this I get a prompt for a username and password that does not go
through.
In the log files I get this for log.smbd
[2003/05/08 15:21:05, 0]
auth/auth_domain.c:connect_to_domain_password_server(215)
connect_to_domain_password_server: unable to setup the NETLOGON
credentials to machine CORPSVCS. Error was : NT_STATUS_ACCESS_DENIED.
[2003/05/08 15:21:05, 0] auth/auth_domain.c:domain_client_validate(327)
domain_client_validate: Domain password server not available.
[2003/05/08 15:21:04, 0] nsswitch/winbindd_cm.c:cm_get_netlogon_cli(885)
error connecting to domain password server: NT_STATUS_ACCESS_DENIED
With that option turned off it works fine other than not showing up in
Network Neighborhood. Is this option required if your on a ADS Domain? BTW
CORPSVCS is 10.2.20.4
Thanks in advance!
Shane
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list