[Samba] authentication problems

Aaron_Colichia at Dell.com Aaron_Colichia at Dell.com
Sun Sep 28 14:08:59 GMT 2003


While unable to actually fix ADS client authentication, I did fix my setup. 

I can still use the computer account created with the 'net join ads'
command. 

I simply changed to security = domain, and removed the realm = entirely. 

I assume the following only works if the windows 2003 DC is running in
'mixed mode' domain support

Here is the smb.conf which fixes my problem: 

[global]
security = DOMAIN
workgroup = MYDOMAIN
password server = DC1, DC2, *
encrypt passwords = yes
wins server = 192.168.0.1
netbios name = MYSAMBA
winbind separator = + 
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
obey pam restrictions = yes
template homedir = /est/home/share/%U
template shell = /bin/bash
server string = 
name resolve order = wins bcast lmhosts 
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
max log size = 4096
log file = /var/log/samba/%m
local master = yes
domain logons = no
domain master = no
preferred master = no
wins support = no
wins proxy = no
dns proxy = no 
preserve case = no
short preserve case = no
 
[homes]
write cache size = 64000
comment = "%U"
browseable = no
public = no
read only = no
guest ok = no
valid users = "@Domain Users", "@Enterprise Admins"
force group = "Domain Users"
vfs object = recycle
vfs_recycle_bin:noversions =
vfs_recycle_bin:exclude_dir =
vfs_recycle_bin:exclude =
vfs_recycle_bin:maxsize = 0
vfs_recycle_bin:touch = yes
vfs_recycle_bin:versions = yes
vfs_recycle_bin:keeptree = yes
vfs_recycle_bin:repository = .recycle
 
[upload]
write cache size = 64000
browseable = yes
comment = user uploads
path = /upload/share
read only = yes
public = yes
write list = "@Domain Users", "@Enterprise Admins"
force group = "Domain Users"
vfs object = extd_audit recycle
vfs_recycle_bin:noversions =
vfs_recycle_bin:exclude_dir =
vfs_recycle_bin:exclude =
vfs_recycle_bin:maxsize = 0
vfs_recycle_bin:touch = yes
vfs_recycle_bin:versions = yes
vfs_recycle_bin:keeptree = yes
vfs_recycle_bin:repository = .recycle/%U
 
[documents]
write cache size = 64000
browseable = yes
comment = documents
path = /documents/share
read only = no
public = yes
guest ok = yes
valid users = "@Domain Users", "@Enterprise Admins"
force group = "Domain Users"
vfs object = extd_audit recycle
vfs_recycle_bin:noversions =
vfs_recycle_bin:exclude_dir =
vfs_recycle_bin:exclude =
vfs_recycle_bin:maxsize = 0
vfs_recycle_bin:touch = yes
vfs_recycle_bin:versions = yes
vfs_recycle_bin:keeptree = yes
vfs_recycle_bin:repository = .recycle/%U
 
[tftp]
write cache size = 64000
browseable = yes
comment = tftp
path = /tftp/share
read only = no
public = no
guest ok = yes
valid users = "@Enterprise Admins", "@Domain Users"
force group = "Domain Users"
vfs object = extd_audit recycle
vfs_recycle_bin:noversions =
vfs_recycle_bin:exclude_dir =
vfs_recycle_bin:exclude =
vfs_recycle_bin:maxsize = 0
vfs_recycle_bin:touch = yes
vfs_recycle_bin:versions = yes
vfs_recycle_bin:keeptree = yes
 
[public]
write cache size = 64000
browseable = yes
comment = public files
path = /public/share
read only = yes
public = yes
guest ok = yes
write list = "@Enterprise Admins"
vfs object = extd_audit recycle
vfs_recycle_bin:noversions =
vfs_recycle_bin:exclude_dir =
vfs_recycle_bin:exclude =
vfs_recycle_bin:maxsize = 0
vfs_recycle_bin:touch = yes
vfs_recycle_bin:versions = yes
vfs_recycle_bin:keeptree = yes
vfs_recycle_bin:repository = .recycle/%U 



More information about the samba mailing list