[Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file

Chris Goff cgoff at nles.k12.wi.us
Fri Jul 30 20:49:44 GMT 2004 

I have MIT Kerberos 1.3.4 installed. This is the exact file I used on my
Slackware 10 server:

http://web.mit.edu/kerberos/www/dist/krb5/1.3/krb5-1.3.4-i686-pc-linux-gnu.tar

Maybe I made a mistake in using binaries instead of compiling from source?

Chris Goff
NLES Network Administrator
cgoff at nles.k12.wi.us

christoph.scheeder at scheeder.de writes:
>Hmm,
>What's your kerberos version?
>I would bet it is MIT-kerberos and the version is something lower then 
>1.3.3, isn't it?
>If i'm correct you'll have to update your kerberos to a version >=1.3.3
>Christoph
>
>Chris Goff schrieb:
>> I'm so close I can feel it :-)
>> 
>> I'm having a problem connecting users to their home directories. Under
>"My
>> Network Places" on XP clients I can see my Samba file server ("Hobbes")
>> just fine. When I double click on it to open it, I get a login/password
>> prompt that I can't bypass even though I try logins/passwords that exist
>> on the ADS server and/or the UNIX accounts. Do I have to add these users
>> under Samba specifically?
>> 
>> I am joined to the ADS domain, I can pull users/groups from wbinfo -t,
>-u,
>> and -g. When I use webmin I can even go into the Samba module to add
>users
>> to a share and see all the users from my ADS domain pop up in a window.
>> 
>> Here's a copy of my smb.conf (where I think my problem might lie):
>> 
>> workgroup = NLES
>> realm = NLES.LOCAL
>> security = ads
>> password server = calvin.nles.local
>> username map = /etc/samba/smbusers
>> os level = 10
>> dns proxy = No
>> idmap uid = 10000-20000
>> idmap gid = 10000-20000
>> template shell = /bin/bash
>> winbind separator = +
>> winbind use default domain = Yes
>> 
>> [homes]
>> comment = %U Home Folder
>> path = /home/%u
>> valid users = %U cgoff administrator
>> # force user = %u
>> writeable = yes
>> browseable = no
>> 
>> I think my problem is with the [homes] share, but I'm not sure. Can
>anyone
>> give me any pointers on what my issue might be? As I said I can talk to
>> the ADS server just fine, seeing lists of users and groups. I'm almost
>> positive I'm not setting up my shares correctly.
>> 
>> Chris Goff
>> NLES Network Administrator
>> cgoff at nles.k12.wi.us
>> 
>> 
>

More information about the samba mailing list