[Samba] ntlm_auth question

Snodgrass, Micah MSnodgrass at ceciowa.com
Fri Apr 1 13:59:47 GMT 2005



> -----Original Message-----
> From: Andrew Bartlett [mailto:abartlet at samba.org]
> Sent: Thursday, March 31, 2005 3:31 PM
> To: Snodgrass, Micah
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] ntlm_auth question
> 
> 
> On Thu, 2005-03-31 at 07:36 -0600, Snodgrass, Micah wrote:
> > Thank you much Andrew, joining the domain did the trick. For the
> > record, doing a net rpc join -U administrator from the 
> > Linux/FreeRADIUS box joined the machine to the domain, 
> > but still no luck. I took a look at the Win2k3 AD server, 
> > and had to check the foolish little check box on the account 
> > for the Linux computer that said something like 
> > "This machine is a Pre-Windows 2000 machine"  and then we 
> were talking. 
> 
> Had you done a 'net ads join' and set 'security=ads' in your smb.conf,
> then it would have worked.
> 
> I'm lining up a micro-patch to make the error message 
> indicate the need
> for a domain join.

Hmmm... no I didn't.  I'm not familiar with the "net ads" command *digs out google and man pages*  - At this point, it's safe to say that I have done neither. smb.conf has security = server, and then password server = ip.of.AD.server.  Once I sat down at the AD server and checked that foolish "this is a pre-windows 2000 computer"  checkbox,  ntlm_auth started working fine, and I moved on to the next hurdle in the project which is a problem with the FreeRADIUS config file. (something totally unrelated to samba, so I won't bore you with the details. 

thanks again for the help. I'll do some digging into security=ads and "net ads ..."  as it sounds like they may save me future headaches. 

-MS


More information about the samba mailing list