[Samba] Samba 2.2 vs. 3: Domain Member & Winbind quick question
Tyler Thueson
tylernt at gmail.com
Thu Mar 17 16:24:48 GMT 2005
I have a Samba 2.2 box set up as a member server in a Windows domain.
Any random Windows domain user can connect and a local Linux system
account is created on the fly, as it should.
I am trying to do the same on another box with Samba 3. However, when I
connect from a Windows domain member, I get prompted for credentials. If I
enter domain\username and my password, I connect and a local Linux
system account is created on the fly, and all is good. But 2.2 doesn't
prompt, and I don't want to be prompted by 3.0!
#/etc/samba/smb.conf
[global]
workgroup = DOMAIN
server string = Samba Server
security = DOMAIN
passdb backend = tdbsam:/etc/samba/private/passdb.tdb
log file = /var/log/samba.%m
max log size = 50
add user script = /usr/sbin/useradd -g users %u
dns proxy = No
wins server = 1.2.3.4, 2.3.4.5
ldap ssl = no
idmap uid = 10000-200000
idmap gid = 10000-200000
winbind use default domain = Yes
netbios name = SERVER
password server = *
#/etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
hosts: files dns
networks: files
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
bootparams: files
automount: files
aliases: files
When Windows makes the initial connection before I get prompted in Windows:
#/var/log/samba.clienthostname
[2005/03/16 11:37:22, 0] auth/auth_util.c:make_server_info_info3(1120)
make_server_info_info3: pdb_init_sam failed!
useradd: invalid user name 'USERNAME'
useradd: invalid user name 'USERNAME'
useradd: invalid user name 'USERNAME'
After I enter domain\username in Windows prompt:
#/var/log/samba.clienthostname
[2005/03/16 15:27:41, 1] smbd/service.c:make_connection_snum(619)
clienthostname (1.2.3.4) connect to service sharename initially as
user username (uid=1000, gid=100) (pid 1016)
It almost seems as if the initial connection by Windows is sending the
naked username, without the domain\ in front. Is there a way to tell
Winbind to add domain\ in front of naked usernames or something? As
you can see above I turned on 'winbind use default domain' but
obviously that does not fix the problem.
Help?
More information about the samba
mailing list