[Samba] Domain security, users still asked for login
Gerald (Jerry) Carter
jerry at samba.org
Wed May 5 13:28:33 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hamish wrote:
| I have been having problems with authentication on a suse 9 box with
| samba 3.0.3 installed from rpms.
| I have googled till my fingers bled, there is just the question, no
| answer, someone must have been able to solve it out of all the people
| who had the problem?
|
| I joined the domain with net join, this was successful
| I can list users/groups, authenticate and check the secret with wbinfo
| testparm gives no errors:
| Load smb config files from /etc/samba/smb.conf
| Processing section "[general]"
| Loaded services file OK.
| Server role: ROLE_DOMAIN_MEMBER
| Press enter to see a dump of your service definitions
|
| # Global parameters
| [global]
| workgroup = MYDOMAIN
| server string = DATASERVER
| security = DOMAIN
| password server = 2k3domaincontroller
| socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
| load printers = No
| os level = 33
| preferred master = No
| local master = No
| domain master = No
| dns proxy = No
| idmap uid = 10000-20000
| idmap gid = 10000-20000
| winbind separator = /
| winbind cache time = 10
| admin users = MYDOMAIN/Administrator, domadm
| printer admin = domadm
|
| [general]
| comment = General
| path = /share
| read only = No
| guest ok = Yes
|
|
| When a user attempts to connect to the server, they are asked for
| authentication, this should not be because it is set to security=domain,
| log.winbindd contains lines of
| winbindd_create_user: Refusing to create user that already exists
| (%username%) for whichever user tries to connect.
| log.smbd has lines of
| make_server_info_info3: pdb_init_sam failed!
Set "winbind enable local accounts = no" and make sure thet
'getent passwd DOMAIN\user' returns information (replacing the
DOMAIN\user with some valid name).
cheers, jerry
- ----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"...a hundred billion castaways looking for a home." ----------- Sting
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAmOwAIR7qMdg1EfYRAiEhAKC+fva3gSxk+RKHJjAmEcFy2rfwoACfe6zt
8MCPuoDKuTvcLYNOwEvnMgE=
=nmmA
-----END PGP SIGNATURE-----
More information about the samba
mailing list