[Samba] Domain problem with NT4 & Samba 3.0.2a

Spike Burkhardt burkhardt.richard at ssd.loral.com
Thu Jun 10 21:45:18 GMT 2004 

Jon,

  I'm using the Security = SERVER due to the fact that the machines that will be used
aren't in the domain.  I'm not using the smbpasswd file.  I have not joined the
domain but on the two other servers I've setup I haven't had to.  I'll try it and let
you know.  As to the authenticating, how can I tell if it's using smbpasswd?

spike

Jonathan Johnson wrote:

> The first thing that jumps out at me is the line beginning with
> Domain=[WORKGROUP] in the results of 'smbclient -L moon". It appears to
> me that in looking for the browse list, your user may be attempting to
> authenticate against the local smbpasswd database instead of
> authenticating against the PDC or BDC. A bug, a feature, or a
> misunderstanding? I don't know.
>
> Have you joined this server to the domain?
>
> You'll want to read this section of the Samba 3 HOWTO if you haven't
> already:
> http://us2.samba.org/samba/docs/man/howto/domain-member.html#domain-member-server
>
> This section says to use Security = DOMAIN instead of Security =
> SERVER, and explains why. Looking at your smb.conf, it looks like
> you're on the right track.
>
> I'd recommend investigating winbind to create users on the fly when
> auth'd against the domain controller. As samba still requires a local
> user database, winbind and appropriate scripts will automatically
> maintain this local user database for you.
>
> And, of course, there's always the recommendation to go with Samba
> 3.0.4 (or 3.0.5 if it's out soon).
>
> --Jon Johnson
> Sutinen Consulting, Inc.
> jon at sutinen.com
>
> On Thu, 10 Jun 2004, Spike Burkhardt wrote:
>
> > All,
> >
> >   I really need some help.  I'm putting samba up on a new windows domain
> > called SIERRA.  I'm using Samba 3.0.2a on Solaris 8.  I'm barely
> > knowledgeable on Windows NetBIOS... but am good with Solaris.  The
> > status is that I've got the daemons running and working normally.  I
> > have 1 desktop with 1 PDC & 1 BDC in the SIERRA domain.  On the desktop,
> > I can see both DC's but not the samba server.  As a non-priviledged
> > account, when I issue a smbclient -L moon I get the following output:
> >
> > moon:/home/burkharr> smbclient -L moon
> > Password:
> >
> > Anonymous login successful
> > Domain=[SIERRA] OS=[Unix] Server=[Samba 3.0.2a]
> >
> >         Sharename      Type      Comment
> >         ------------     -----      -----------
> >         rcbtest             Disk      Spike's testing
> >         IPC$               IPC       IPC Service (Samba 3.0.2a)
> >         ADMIN$        IPC       IPC Service (Samba 3.0.2a)
> > Domain=[WORKGROUP] OS=[SunOS 5.8 sun4u] Server=[LAN Manager 2.1]
> > tree connect failed: ERRSRV - ERRbadpw (Bad password - name/password
> > pair in a Tree Connect or Session Setup are invalid.)
> > NetBIOS over TCP disabled -- no workgroup available
> >
> >
> > When I issue the same command substituting localhost for moon I get the
> > following output:
> > moon:/home/burkharr> smbclient -L localhost
> > Password:
> >
> > Anonymous login successful
> > Domain=[SIERRA] OS=[Unix] Server=[Samba 3.0.2a]
> >
> >         Sharename      Type      Comment
> >         ---------      ----      -------
> >         rcbtest        Disk      Spike's testing
> >         IPC$          IPC       IPC Service (Samba 3.0.2a)
> >        ADMIN$    IPC       IPC Service (Samba 3.0.2a)
> > Anonymous login successful
> > Domain=[SIERRA] OS=[Unix] Server=[Samba 3.0.2a]
> >
> >         Server               Comment
> >         ---------            -------
> >         EPN32-237
> >         MOON                 Samba 3.0.2a
> >         ROHAN
> >         SHADOWFAX
> >
> >         Workgroup            Master
> >         ---------            -------
> >         SIERRA            MOON
> >
> >
> > Notice that I don't get any NetBIOS errors which makes sense because I'm
> > not going out on the network.
> >
> > Here's my smb.conf file:
> > moon:/home/burkharr> more /apps/samba/lib/smb.conf
> > # Global parameters
> > [global]
> >         workgroup = SIERRA
> >         netbios name = moon
> >         security = SERVER
> >         encrypt passwords = Yes
> >         password server = rohan shadowfax
> >         wins server = 172.22.2.251
> >         password level = 8
> >         #admin log = Yes
> >         log level = 1
> >         log file = /var/samba/log/log.%m
> >         create mask = 775
> >
> > [rcbtest]
> >         comment = Spike's testing
> >         path = /dbd00/spike
> >         valid users = @webadmin
> >         force group = webadmin
> >         create mask = 740
> >         writeable = Yes
> >
> > Any thoughts?  Thanks for your help.
> >
> > spike
> >
> >

More information about the samba mailing list