[Samba] Samba as NT Domain Member via Winbind - After Upgrade users
prompted for password for any shares
Jason.McGlamary at Medstar.net
Jason.McGlamary at Medstar.net
Wed Aug 25 19:30:10 GMT 2004
Hello,
Apparently, I did a stupid thing today. I used apt-get on my
Debian Woody system to upgrade my Samba packages from 3.0.2 to 3.0.6.
Since doing so, all my users are prompted for a password when trying to
access shares. Even just listing the IPC$, Windows XP systems prompt for
user name and password. Windows 98 machines prompt for password. None
are successful. I believe winbind is working OK. When I run wbinfo -u
all the users in my domain are listed as expected. Does anyone have any
idea as to what the problem could be, or what information could help me
solve the problem? I've been googling all day, but most issues have to do
with making sure SECURITY=DOMAIN, which mine is. I've included my
smb.conf and nsswitch.conf files below. I'd appreciate any insight you
can offer.
Thanks,
Jason McGlamary
PC/LAN Specialist
Washington Hospital Center
********smb.conf
# Samba config file created using SWAT
# from 172.25.5.105 (172.25.5.105)
# Date: 2004/08/25 14:46:03
# Global parameters
[global]
workgroup = MHG
netbios aliases = MERCURY
server string = DON App Server
security = DOMAIN
allow trusted domains = No
passdb backend = tdbsam
pam password change = Yes
preferred master = No
local master = No
domain master = No
wins server = a:192.168.121.9, a:198.50.86.251, a:198.50.78.20
ldap ssl = no
idmap uid = 10000-40000
idmap gid = 10000-40000
template homedir =
winbind use default domain = Yes
admin users = mhg\jxmm
[MRAudit]
path = /usr/local/MRAudit/
admin users = mhg\jxmm, mhg\skb5
force group = UsrMRAudit
read only = No
create mask = 0740
directory mask = 02740
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
hide unreadable = Yes
level2 oplocks = No
strict locking = No
[EStaff]
path = /usr/local/EStaff
admin users = mhg\jxmm, mhg\skb5
force group = UsrEStaff
read only = No
create mask = 0740
directory mask = 02740
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
hide unreadable = Yes
level2 oplocks = No
strict locking = No
[StfEffect]
path = /usr/local/StfEffect
valid users = mhg\jxmm, mhg\ekr1
admin users = mhg\jxmm, mhg\ekr1
read only = No
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[Wound]
path = /usr/local/Wound
valid users = mhg\jxmm, mhg\ekr1
admin users = mhg\jxmm, mhg\ekr1
read only = No
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[NsgMgt]
path = /usr/local/NsgMgt
valid users = mhg\jxmm, mhg\ekr1, mhg\amp1, mhg\bxs5, mhg\crr2,
mhg\dmh3, mhg\jmm5, mhg\lah5, mhg\lxf1, mhg\lxv3, mhg\mah7, mhg\pxg4,
mhg\sbm1, mhg\sxe1, mhg\tso1, mhg\txbi, mhg\cao7, mhg\alv1, mhg\rxb8,
mhg\ixd1
admin users = mhg\jxmm, mhg\ekr1
force group = UsrNsgMgmnt
read only = No
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[ORS DataFiles]
path = /usr/local/ORS Data Files
valid users = mhg\jxmm, mhg\ekr1, mhg\ddm5, mhg\bsg2, mhg\bas6
admin users = mhg\jxmm, mhg\ekr1
force group = UsrORSData
read only = No
create mask = 0760
directory mask = 02770
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[ORS Staff Chg]
path = /usr/local/ORS Staffing Changes
valid users = mhg\jxmm, mhg\ekr1, mhg\dqb1, mhg\amba, mhg\exb5,
mhg\vlc4, mhg\blc3, mhg\ame3, mhg\yxf1, mhg\exf4, mhg\bsg2, mhg\ncg2,
mhg\pxg4, mhg\exh6, mhg\sth3, mhg\lgk1, mhg\esm2, mhg\mxm8, mhg\amn1,
mhg\exr4, mhg\bas6, mhg\cvs2, mhg\daw7, mhg\mxp6
admin users = mhg\jxmm, mhg\ekr1
force group = UsrORSStaffing
read only = No
create mask = 0760
directory mask = 02770
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[ORS OT]
path = /usr/local/ORS OT Utilization
valid users = mhg\jxmm, mhg\ekr1, mhg\exb5, mhg\exf4, mhg\bsg2,
mhg\pxg4, mhg\exh6, mhg\mxm8, mhg\bas6, mhg\cvs2, mhg\daw7, mhg\sxw7
admin users = mhg\jxmm, mhg\ekr1
read list = mhg\pxg4, mhg\bas6
force group = UsrORSUtil
read only = No
create mask = 0760
directory mask = 02770
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[ORS Outcomes]
path = /usr/local/ORS Volume Outcomes
valid users = mhg\jxmm, mhg\ekr1, mhg\bsg2, mhg\ddm5, mhg\jme1,
mhg\psb3
admin users = mhg\jxmm, mhg\ekr1
read list = mhg\jme1, mhg\psb3
force group = UsrORSOutcomes
read only = No
create mask = 0760
directory mask = 02770
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[TravelOffice]
path = /usr/local/TravelOffice
valid users = mhg\jxmm, mhg\ary2, mhg\bvg1, mhg\cam3, mhg\kmi1,
mhg\llh3, mhg\mmm6, mhg\nls2
force group = UsrTravelOffice
read only = No
create mask = 0760
directory mask = 02770
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[TEST]
path = /usr/local/test
username = mhg\jxmm
read only = No
create mask = 0740
directory mask = 02740
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
hide unreadable = Yes
level2 oplocks = No
strict locking = No
*******nsswitch.conf
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat files winbind
group: compat files winbind
shadow: compat files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
More information about the samba
mailing list