[Samba] Getting Samba 3 to communicate with Win2k3 ADS
Chris Goff
cgoff at nles.k12.wi.us
Tue Jul 27 19:18:20 GMT 2004
jim.laverty at gmail.com writes:
>1) "winbind separator" is spelled wrong in your smb.conf file.
Hmm. That's not even listed in smb.conf...strange.
>
>
>2) Can you post a snip of the server config section of smb.conf
>(e.g. not the share section)?
Here's my entire smb.conf file:
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/07/27 11:19:35
# Global parameters
[global]
workgroup = NLES
realm = NLES.LOCAL
security = ADS
password server = 10.0.0.3
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
[test]
path = /tmp
valid users = cgoff, administrator
admin users = cgoff, administrator
hosts allow = 10.0., 127.0.0.1
root at hobbes:/usr/local/samba/lib#
>
>
>3) Did you configure /etc/krb5.conf and run kinit? Does klist give
>you any values?
Here's krb5.conf:
[logging]
default = FILE:/var/log/krb5/libs.log
kdc = FILE:/var/log/krb5/kdc.log
admin_server = FILE:/var/log/krb5/admin.log
[libdefaults]
ticket_lifetime = 24000
default_realm = NLES.LOCAL
default_tgs_enctypes = des-cbc-crc des-cbc-md5
default_tkt_enctypes = des-cbc-crc des-cbc-md5
forwardable = true
proxiable = true
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
NLES.LOCAL = {
kdc = 10.0.0.3
default_domain = NLES.LOCAL
}
[domain_realm]
.nles.local = NLES.LOCAL
nles.local = NLES.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[pam]
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
And the output from klist:
root at hobbes:/etc# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator at NLES.LOCAL
Valid starting Expires Service principal
07/27/04 11:14:33 07/27/04 21:14:36 krbtgt/NLES.LOCAL at NLES.LOCAL
renew until 07/28/04 11:14:33
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
kinit was run. As the winbind log shows, I am able to join the domain.
More information about the samba
mailing list