[Samba] Domain security, users still asked for login
Hamish
captainmish at gmx.net
Wed May 5 14:11:21 GMT 2004
Thanks Jerry
I have reverted to 3.0.2a and it seems to work fine.
Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hamish wrote:
>
> | I have been having problems with authentication on a suse 9 box with
> | samba 3.0.3 installed from rpms.
> | I have googled till my fingers bled, there is just the question, no
> | answer, someone must have been able to solve it out of all the people
> | who had the problem?
> |
> | I joined the domain with net join, this was successful
> | I can list users/groups, authenticate and check the secret with wbinfo
> | testparm gives no errors:
> | Load smb config files from /etc/samba/smb.conf
> | Processing section "[general]"
> | Loaded services file OK.
> | Server role: ROLE_DOMAIN_MEMBER
> | Press enter to see a dump of your service definitions
> |
> | # Global parameters
> | [global]
> | workgroup = MYDOMAIN
> | server string = DATASERVER
> | security = DOMAIN
> | password server = 2k3domaincontroller
> | socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> | load printers = No
> | os level = 33
> | preferred master = No
> | local master = No
> | domain master = No
> | dns proxy = No
> | idmap uid = 10000-20000
> | idmap gid = 10000-20000
> | winbind separator = /
> | winbind cache time = 10
> | admin users = MYDOMAIN/Administrator, domadm
> | printer admin = domadm
> |
> | [general]
> | comment = General
> | path = /share
> | read only = No
> | guest ok = Yes
> |
> |
> | When a user attempts to connect to the server, they are asked for
> | authentication, this should not be because it is set to
> security=domain,
> | log.winbindd contains lines of
> | winbindd_create_user: Refusing to create user that already exists
> | (%username%) for whichever user tries to connect.
> | log.smbd has lines of
> | make_server_info_info3: pdb_init_sam failed!
>
> Set "winbind enable local accounts = no" and make sure thet
> 'getent passwd DOMAIN\user' returns information (replacing the
> DOMAIN\user with some valid name).
>
>
>
>
>
> cheers, jerry
> - ----------------------------------------------------------------------
> Hewlett-Packard ------------------------- http://www.hp.com
> SAMBA Team ---------------------- http://www.samba.org
> GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
> "...a hundred billion castaways looking for a home." ----------- Sting
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFAmOwAIR7qMdg1EfYRAiEhAKC+fva3gSxk+RKHJjAmEcFy2rfwoACfe6zt
> 8MCPuoDKuTvcLYNOwEvnMgE=
> =nmmA
> -----END PGP SIGNATURE-----
>
>
More information about the samba
mailing list