[Samba] User authentication to AD200X, need local users?
spike1197
spike1197 at gmail.com
Wed Dec 29 16:26:51 GMT 2004
I am trying to get user authentication in a 200X AD to have domain
users see the samba shares (RH ES3, samba 3.0.9-1).
I can see the shares, but when I try to access any of the shares, I
get prompted for a username and password and this is what shows up in
the log.winbindd file
-------------------
[2004/12/29 08:17:37, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161)
user 'robl' does not exist
[2004/12/29 08:17:37, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161)
user 'ROBL' does not exist
[2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161)
user 'luser-ibmlptp2$' does not exist
[2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161)
user 'luser-ibmlptp2$' does not exist
[2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161)
user 'LUSER-IBMLPTP2$' does not exist
---------------------
robl the user I'm logged into and LUSER-IBMLPTP2 is the computer name.
I can get a listing of the domain users from the linux machine with
the wbinfo command:
-----------------------------
[root at gort samba]# wbinfo -u
TESTER+Administrator
TESTER+Guest
TESTER+SUPPORT_388945a0
TESTER+TEST1$
TESTER+krbtgt
TESTER+pauld
TESTER+robl
TESTER+tester1
TESTER+tester2
TESTER+tester3
TESTER+TEST2$
TESTER+gort$
TESTER+LUSER-IBMLPTP2$
------------------------------
It may be that I have to config another file in pam.d. here is my
pam.d/samba and pam.d/login files (respectively)
--------------------------------
#%PAM-1.0
auth sufficient pam_winbind.so
auth required pam_unix.so nullok
account sufficient pam_winbind.so
account required pam_unix.so
session required pam_unix.so
password required pam_unix.so
----------------------------------
#%PAM-1.0
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so
---------------------------------------
and smb.conf...
-------------------------------------
[global]
netbios name = Gort
server string = Gort
workgroup = TESTER
os level = 20
encrypt passwords = yes
security = ADS
password server = test1.tester.randd.com
realm = TESTER.RANDD.COM
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum groups = yes
winbind enum users = yes
[space]
comment = Test Share
browseable = yes
writeable = yes
public = yes
----------------------------------------
any input would be great.
Thanks
More information about the samba
mailing list