[Samba] Samba and AD problem

markus klimke at tu-harburg.de
Mon Nov 28 11:43:31 GMT 2005


Try adding the following options to [global]:

   netbios name = [Hostname in capital letters, not the FQDN]
   password server = [IP-Address(es) of your W2k3-Machines]
   winbind trusted domains only = Yes
   winbind nested groups = Yes

Hope that helps.

Ian Harper wrote:
> On 28/11/05, markus <klimke at tu-harburg.de> wrote:
> 
>>Hi Ian, please post your smb.conf for that.
>>
>>Ian Harper wrote:
>>
>>>Unfortunately its a windoze client trying to mount the samba share.
>>>
>>>On 28/11/05, Markus Klimke <klimke at tu-harburg.de> wrote:
>>>
>>>
>>>>Ian Harper wrote:
>>>>
>>>>
>>>>>I am following the examples section 9.3 in the "Samba 3 By Example" book.
>>>>>
>>>>>I can SSH onto the samba server as an AD user but I cant mount a samba share.
>>>>
>>>>verify existing and valid kerberos ticket, append a "-o krb" to your
>>>>smbmount.
>>>>
> 
> #======================= Global Settings =====================================
> [global]
> 
> log level = 1
>    workgroup = TEST
>    server string = Samba Server
>    printcap name = /etc/printcap
>    load printers = yes
>    printing = cups
>    log file = /var/log/samba/%m.log
>    max log size = 0
>    security = ads
>    encrypt passwords = yes
>    smb passwd file = /etc/samba/smbpasswd
>    unix password sync = Yes
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
>    pam password change = yes
>   obey pam restrictions = yes
>    local master = no
>    os level = 33
>    domain master = no
>    dns proxy = no
> # added for ADS stuff
> 
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind use default domain = yes
> winbind enum users = yes
> winbind enum groups = yes
> winbind separator = %
> realm = TEST.SAMPLE.COM
> template shell = /bin/bash
> template homedir = /home/%U
> 
> #============================ Share Definitions ==============================
> [homes]
>    comment = Home Directories
>    browseable = no
>    writable = yes
>    valid users = %S
>    create mode = 0664
>    directory mode = 0775
> [printers]
>    comment = All Printers
>    path = /var/spool/samba
>    browseable = no
>    guest ok = no
>    writable = no
>    printable = yes
> [testit]
> 	path = /tmp/xyz
> 	valid users = xyz
> 	public = no
> 	writeable = yes
> 	printable = no
> 	create mask = 0765



More information about the samba mailing list