[Samba] Re: domain groups accessing samba share
Gavin Davenport
gavdav at gavdav.demon.co.uk
Wed Oct 15 08:04:44 GMT 2003
Hiya Tim, Thanks for helping.
Can you post your
smb.conf
/etc/pam.d/login
wbinfo -g
wbinfo -u
getent passwd
getent group
Here we go:
# Global parameters
[global]
workgroup = MYDOMAIN
realm = MYNETWORK.ISP.CO.UK
server string = Linux Samba Server
security = ADS
password server = bashful
log level = 3
log file = /var/log/samba/log.%m
max log size = 100
smb ports = 445
announce as = NT Workstation
name resolve order = host bcast
wins server = 10.0.0.104
client signing = Yes
server signing = Yes
client use spnego = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = No
os level = 10
preferred master = No
local master = No
domain master = No
dns proxy = No
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
# winbind separator = +
winbind cache time = 2
# winbind use default domain = Yes
comment = Redhat 7.1 Samba
hosts allow = 127., 10.0.0.
[homes]
comment = Home Directories
read only = No
browseable = No
[Software]
comment = Software Library
path = /mnt/largeprimary/software
# valid users = @MYNETWORK.ISP.CO.UK\"Domain Users"
# Admin users = @MYNETWORK.ISP.CO.UK\gavdav
[root at potato /root]# more /etc/pam.d/login
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
wbinfo -u
[root at potato /root]# wbinfo -u
MYDOMAIN\gavdav
MYDOMAIN\Guest
MYDOMAIN\Administrator
MYDOMAIN\krbtgt
MYDOMAIN\SUPPORT_388945a0
MYDOMAIN\fbloggs
<snip>
wbinfo -g
[root at potato /root]# wbinfo -g
MYDOMAIN\Domain Computers
MYDOMAIN\Cert Publishers
MYDOMAIN\Domain Users
MYDOMAIN\Domain Guests
MYDOMAIN\RAS and IAS Servers
MYDOMAIN\Group Policy Creator Owners
MYDOMAIN\Schema Admins
MYDOMAIN\Enterprise Admins
MYDOMAIN\Domain Admins
MYDOMAIN\Domain Controllers
<snip>
[root at potato /root]# getent passwd
root:x:0:0:root:/root:/bin/bash
<snip>
xfs:x:43:43:X Font Server:/etc/X11/fs:/bin/false
gdm:x:42:42::/home/gdm:/bin/bash
gavdav:x:500:500:Gavin Davenport:/home/gavdav:/bin/bash
named:x:200:200:Nameserver:/var/named:/bin/false
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
[root at potato /root]# getent group
root:x:0:root
<snip>
nobody:x:99:
users:x:100:gavdav
<snip>
xfs:x:43:
gdm:x:42:
gavdav:x:500:
vcsa:x:69:
getent and setent are listing local users and groups.
What do I need to change in /etc/pam.d/login to fix it ?
Where should I be looking for help ?
Thanks very much
Gavin Davenport
More information about the samba
mailing list