[Samba] Samba 3 & ADS: nobody can log in
Rich Webb
rwebb at wmis.net
Sun Oct 12 18:03:30 GMT 2003
----- Original Message -----
From: "Ron Gage" <ron at rongage.org>
To: <samba at lists.samba.org>
Sent: Sunday, October 12, 2003 1:32 PM
> Well, I got past the part about the "ads server" parameter... :)
>
> Now, it appears that nobody in the AD Domain can log into (and use) any
> resources on the Samba share.
>
> If I set "security = ads" on Samba, then nobody can log into the server -
> period.
>
> A couple of silly questions at this point (before I go completely mad)...
>
> 1) Is there any requirement that LDAP be functioning on the Samba machine?
> 2) Are there any hidden dependancies (like PAM) that are required to make
this
> work?
>
> More background: The Samba machine has successfully joined the domain (it
> shows up in AD Users and Computers), kinit works fine when logging in as
> Administrator.
>
The way I understand it, LDAP and Kerberos need to be functioning for Samba
ADS integration to work. Is there a compelling reason to use it in ADS
mode? I use PAM and Winbind so I can control access from windows 2k. That
works quite well.
Rich
More information about the samba
mailing list