[Samba] Using WINBIND and the latest samba 3
Gabriel Matthews
gabriel at cinergycom.com
Tue Sep 30 14:01:19 GMT 2003
I've been tooling with this for a while, and I need some help... please!!
:)
Here's what I'm trying to do. I want a samba server to work with winbind,
so that when I type 'getent passwd' it shows a list of local users, as
well as my domain user list. I want a user to be able to ssh into the
machine using their NT 4 domain username, like domain\username. That's
pretty much it.
Here's what I have done thus far to accomplish this, to no avail. I have
Redhat 9. I have installed samba 3.0 from the .rpm file from samba's
site.. I have edited the .conf file to look like it does at the bottom of
this email. I have put /etc/init.d/smb and winbind in the /rc.3/ folder
so that they will start up automatically on reboot. I have edited
nsswitch.conf to look like it does at the bottom of this email. I have
even gone so far as to edit the passwd file in /etc/pam.d/ to look like it
does in the Samba HOWTO's instructions on Winbind, included at the bottom.
I can type 'wbinfo -u' and it shows me the full-on list of all users. I
can join the domain with 'net rpc join -S PDC -U admin%passwd' and receive
a 'joined domain successfully' response. Everything that I do seems to be
working fine, except for some reason my machine is not looking to winbind
for its authentication. In the HOWTO, it says that after you join the
domain, and can type 'wbinfo -u(g)' and receive proper results, then you
should be able to type 'getent passwd' and get proper results as well.
But at that point I am coming to a stop.
Is there something I'm missing perhaps? Was the RPM file for redhat 9
compiled excluding some special option that I need to accomplish this
task? If so, I can certainly compile it from source, but I need to know
what option to include so I can know what results to expect. Or perhaps
just some step in the configuration that I'm missing? I'm working on a
deadline here and I need to get this working soon, so any help anyone can
offer me would be greatly appreciated.. Thanks again!
--Reference Material:
Location of HOWTO I am referring to:
/usr/share/swat/help/Samba-HOWTO-Collection.html
Contents of /etc/samba/smb.conf:
[global]
workgroup = DOMAIN
server string = FRODO
security = SERVER
password server = LUKE
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = No
domain master = No
dns proxy = No
wins server = 192.168.1.2
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 30000-40000
Contents of /etc/nsswitch.conf:
(note: There are other lines in this file, but I have left them default,
the passwd and group lines are the only ones I have edited)
passwd: files winbind
shadow: files
group: files winbind
Contents of /etc/pam.d/passwd and /etc/pam.d/login
[root at frodo samba]# cat /etc/pam.d/passwd
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
[root at frodo samba]# cat /etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_winbind.so
auth sufficient pam_UNIX.so use_first_pass
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so
Gabriel Matthews
Network Support
Cinergy Communications
"No. I am your father."
-Darth Vader, leader, devoted parent,
and friend to all.
More information about the samba
mailing list