[Samba] security = ADS
John H Terpstra
jht at samba.org
Thu Jul 22 20:11:21 GMT 2004
On Thursday 22 July 2004 14:07, Tom Skeren wrote:
> Yes I've seen this behavior a LOT. I've replied to it. For some
> reason, the Samba when joined to ads needs to contacted for shares by IP
> addy. The XP shares then authenticate properly.
No way, your ADS server is answering on port 445 - the port for netbios-less
SMB.
>
> Try \\ipaddy-samba-server\share-name. If you connect, do a netstat -an
> on the samba server. You'll see the XP box connected to port 445. I
> suspect that in an ads environment, the XP boxes default to connecting
> to shares on 445. I suspect smbd, or nmbd are mishandling this when
> netbios names are used.
Nope. To avoid this, in your smb.conf [globals] set:
smb port = 139
- John T.
>
> Rashaad S. Hyndman wrote:
> >Hi all,
> >
> >I've been fighting with joining my samba server (debian) to my active
> > directory domain for 4 days now. The problem here is that users in my
> > active directory domain on windows machines are not able to browse my
> > samba shares without being prompted for authentication.
> >
> >I can:
> >- Join the domain from samba server using net ads
> >- View list of tickets when brownsing window shares with klist
> >- list window shares without being prompted with "smbclient -k -L
> > <windows_servername>
> >
> >I can NOT:
> >- use "net use * \\<smb_servername>\share" from window based machine.
> >(this resultes in "The password or user name is invalid for
> > \\delshare\public" (delshare being my samba server name)
> >
> >I have no clue what to do from here. I've looked over my smb.conf file 20
> > times likewise my krb5.conf file
> >
> >Any suggestions would be greatly appreciated. I've arn out of tests.
> >
> >R.
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
OpenLDAP by Example, ISBN: 0131488732
Other books in production.
More information about the samba
mailing list