[Samba] ntlm_auth question
Snodgrass, Micah
MSnodgrass at ceciowa.com
Fri Apr 1 13:59:47 GMT 2005
> -----Original Message-----
> From: Andrew Bartlett [mailto:abartlet at samba.org]
> Sent: Thursday, March 31, 2005 3:31 PM
> To: Snodgrass, Micah
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] ntlm_auth question
>
>
> On Thu, 2005-03-31 at 07:36 -0600, Snodgrass, Micah wrote:
> > Thank you much Andrew, joining the domain did the trick. For the
> > record, doing a net rpc join -U administrator from the
> > Linux/FreeRADIUS box joined the machine to the domain,
> > but still no luck. I took a look at the Win2k3 AD server,
> > and had to check the foolish little check box on the account
> > for the Linux computer that said something like
> > "This machine is a Pre-Windows 2000 machine" and then we
> were talking.
>
> Had you done a 'net ads join' and set 'security=ads' in your smb.conf,
> then it would have worked.
>
> I'm lining up a micro-patch to make the error message
> indicate the need
> for a domain join.
Hmmm... no I didn't. I'm not familiar with the "net ads" command *digs out google and man pages* - At this point, it's safe to say that I have done neither. smb.conf has security = server, and then password server = ip.of.AD.server. Once I sat down at the AD server and checked that foolish "this is a pre-windows 2000 computer" checkbox, ntlm_auth started working fine, and I moved on to the next hurdle in the project which is a problem with the FreeRADIUS config file. (something totally unrelated to samba, so I won't bore you with the details.
thanks again for the help. I'll do some digging into security=ads and "net ads ..." as it sounds like they may save me future headaches.
-MS
More information about the samba
mailing list