[Samba] Trouble authenticating clients from ADS domain on Samba
3.0.5 file server
Christoph Scheeder
christoph.scheeder at scheeder.de
Fri Jul 30 20:50:22 GMT 2004
Hmm,
What's your kerberos version?
I would bet it is MIT-kerberos and the version is something lower then
1.3.3, isn't it?
If i'm correct you'll have to update your kerberos to a version >=1.3.3
Christoph
Chris Goff schrieb:
> I'm so close I can feel it :-)
>
> I'm having a problem connecting users to their home directories. Under "My
> Network Places" on XP clients I can see my Samba file server ("Hobbes")
> just fine. When I double click on it to open it, I get a login/password
> prompt that I can't bypass even though I try logins/passwords that exist
> on the ADS server and/or the UNIX accounts. Do I have to add these users
> under Samba specifically?
>
> I am joined to the ADS domain, I can pull users/groups from wbinfo -t, -u,
> and -g. When I use webmin I can even go into the Samba module to add users
> to a share and see all the users from my ADS domain pop up in a window.
>
> Here's a copy of my smb.conf (where I think my problem might lie):
>
> workgroup = NLES
> realm = NLES.LOCAL
> security = ads
> password server = calvin.nles.local
> username map = /etc/samba/smbusers
> os level = 10
> dns proxy = No
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> template shell = /bin/bash
> winbind separator = +
> winbind use default domain = Yes
>
> [homes]
> comment = %U Home Folder
> path = /home/%u
> valid users = %U cgoff administrator
> # force user = %u
> writeable = yes
> browseable = no
>
> I think my problem is with the [homes] share, but I'm not sure. Can anyone
> give me any pointers on what my issue might be? As I said I can talk to
> the ADS server just fine, seeing lists of users and groups. I'm almost
> positive I'm not setting up my shares correctly.
>
> Chris Goff
> NLES Network Administrator
> cgoff at nles.k12.wi.us
>
>
More information about the samba
mailing list