[Samba] Re: accessing shares
Tim Jordan, Network Services
timothy_jordan at labor.state.ak.us
Wed Oct 22 17:32:24 GMT 2003
"Domain Admins" is a valid Active Directory group. I have it
groupmapped to:
Domain Admins (S-1-5-21-3417231078-1290269627-1885213793-2005)
-> root
"tim" is a member of the "root" group
[LinuxSoftware]
comment = OpenSource
path = /mnt/windows/Software/
public = yes
writable = yes
printable = no
write list =@"Domain Admins"
drwxr--r-- 57 tim root 32768 Oct 8 00:49 Software (Do the
unix permissions matter or just what is in the smb.conf?)
>For the other share is you account TIM or tim ? Unix is case sensitive as
>far as i know.
>
TIM is my windows active directory account - tim is my local unix account.
[TIM]
comment = Tim's Service
path = /home/tim/
writeable = TIM
read only = No
Winbind should be handling all authentication from our M$ PDC. I can
log into my Samba box with a M$ domain account. I just can't seem to
get the share authentication working. I'm not sure what logs to watch.
I have been reviewing the smbd, nmbd, winbind, and the log that is
corresponding to the workstation trying to connect to the Samba share.
In the logs I noticed that winbind is trying to authenticate the
microsoft workstation connecting to the Samba share.
> [2003/10/21 10:58:05, 10] nsswitch/winbindd.c:process_request(305)
> process_request: request fn GETPWNAM
> [2003/10/21 10:58:05, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(112)
> [22176]: getpwnam DOL-ANC-WTS2$
> [2003/10/21 10:58:05, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(147)
> user 'DOL-ANC-WTS2$' does not exist
Have I missed something in the HOW TO: ? I don't recall having to
create machine accounts on the Samba server. I thought Samba is
supposed to authenticate the user trying to access the share. If that
is true perhaps I have a pam config file wrong? I don't know where to
start looking at how the authentication is handled on the Samba share
and more importantly what order of authentication is being done...how do
I tweak that order to point authentication to my M$ PDC? I did it for
the pam.d/login config file.
Perhaps I'm not even on the right track...
Tim
Emmanuel Viennot wrote:
>May be you should check your write list parameter wich is @"Domain Admins"
>. Is Domain Admins a valid group and is "tim" a member of this group ?
>For the other share is you account TIM or tim ? Unix is case sensitive as
>far as i know.
>
>Hope that help.
>
>
>
>
More information about the samba
mailing list