[Samba] Winbind, AD login problem
Kenneth Savoy
kensavoy at nbnet.nb.ca
Thu Nov 20 13:39:25 GMT 2003
I am trying to get about 40 workstations to join a windows server 2003 active directory domain. The network has about 7 domains. It is a fairly large WAN. I can view the domain users with wbinfo, getent shows the users in unix format. When I try to login it asks me for a password but wont accept anything. I have a PDC server and an LDAP server. Does ldap have to be configured on the client end? My smb.conf, nsswitch.conf, /etc/pam.d/login and /etc/pam.d/samba are below. I appreciate any help you can give me.
I start smb daemons in this order
smbd
nmbd
winbindd
<<SMB.CONF>>
[global]
winbind separator = +
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
idmap uid = 10000-20000
idmap gid = 10000-20000
workgroup = <mydomain>
security = domain
password server = <MY PRIMARY DOMAIN CONTOLLER SERVER> **There is an LDAP
server but if I put that here I cant list users**
<<NSSWITCH.CONF>>
passwd: files winbind
shadow: files
group: files winbind
hosts: files dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files
publickey: nisplus
automount: files
aliases: files nisplus
<</etc/pam.d/samba>>
#%PAM-1.0
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
<</etc/pam.d/login>>
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_UNIX.so use_first_pass
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
More information about the samba
mailing list