[Samba] samba as a domain member server using winbind
ipguy at optushome.com.au
ipguy at optushome.com.au
Wed May 28 10:14:44 GMT 2003
hi all
i seem to be having a problem replicating an installation of samba as a "domain member server" to our NT4 PDC
when i initally installed samba i was able to use the DC's as the authentication source to allow the windows workstation access to the samba share via winbind, it all worked well, as documented, i didn't even need to setup user accounts on the samba box.
now that i'm building the production server, i can't seem to replicate the success, no matter what i try the samber server keeps returning a username and password dialog box to the windows users and logs the below error for the users trying to connect....
I successfully joined the domain by " smbpasswd -j PDC -r PDCNAME -U Administrator"
(Note: I needed to add the samber server to the domain on the PDC first before I could join on the samba server)
[2003/05/28 19:46:32, 0] smbd/password.c:domain_client_validate(1558)
domain_client_validate: could not fetch trust account password for domain PDC
[2003/05/28 19:46:32, 1] smbd/password.c:pass_check_smb(545)
Couldn't find user 'PDC\ipguy' in passdb.
[2003/05/28 19:46:32, 2] smbd/reply.c:reply_sesssetup_and_X(997)
NT Password did not match for user 'PDC\ipguy'!
[2003/05/28 19:46:32, 2] smbd/reply.c:reply_sesssetup_and_X(1007)
Defaulting to Lanman password for PDC\ipguy
[2003/05/28 19:46:32, 1] smbd/password.c:pass_check_smb(545)
Couldn't find user 'PDC\ipguy' in passdb.
[2003/05/28 19:46:32, 1] smbd/reply.c:reply_sesssetup_and_X(1023)
Rejecting user 'PDC\ipguy': authentication failed
[2003/05/28 19:46:32, 2] smbd/server.c:exit_server(511)
Closing connections
my smb.conf
------------------------------
[global]
netbios name = SAMBA
workgroup = PDC
log level = 2
log file = /usr/local/samba/var/samba.log.%U
security = domain
hosts allow = 192.xx.xxx. 127.
password server = *
encrypt passwords = yes
wins server = 192.xx.xx.xx
winbind cache time = 15
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
[data]
path = /array/samba
browseable = yes
writeable = yes
the correct libnss_winbind links in /lib
---------------------------------------------
-rwxr-xr-x 1 root root 17K May 28 17:59 libnss_winbind.so
lrwxrwxrwx 1 root root 17 May 28 19:32 libnss_winbind.so.1 -> libnss_winbind.so
lrwxrwxrwx 1 root root 17 May 28 18:02 libnss_winbind.so.2 -> libnss_winbind.so
/etc/nssswitch.conf
----------------------------
passwd: files winbind
shadow: files
group: files winbind
only problem is, i don't recall if i needed to setup PAM, if I do can anyone point me in the right direction, do I need to edit "/etc/pam.d/login" so the windows users can authenticate and access the share ?
any suggestion would be appreciated.
-ipguy
More information about the samba
mailing list