[Samba] Authentication against AD?

[Jason Gerfen]

I am having a hard time getting Samba to authentication correctly 
against a Windows Active Directory setup.

Here is a snap of the smb.conf
[global]
        passdb backend = ldapsam
        security = domain
        password server = server1.com server2.com
        prefered master = No
        local master = no
        hide unreadable = yes
        wins support = no
        winbind use default domain = yes
        domain master = No
        netbios name = samba-newb
        workgroup = scl
        prefered master = no
        dns proxy = no
        idmap uid = 15000-20000
        idmap gid = 15000-20000
        realm = server.com
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        add machine script = /usr/sbin/useradd  -c Machine -d 
/var/lib/nobody -s /bin/false %m$
        use spnego = yes
        server string = samba-newb
        update encrypted = yes
        domain logons = yes
        winbind separator = +
        winbind enum users = yes
        winbind enum groups = yes
        encrypt passwords = yes
        os level = 20
        template shell = /bin/bash
        template homedir = /home/%D/%U

[newb]
        comment = newb
        inherit acls = Yes
        path = /usr/local/files/
        read only = no
        force group = users
        force user = users
        guest ok = no

I can run the net ads join command which works fine, but if I try to 
authentication without a local account I am recieving errors.  Any 
assistance or pointers is appreciated.

-- 
Jason Gerfen
Student Computing Labs, University Of Utah
jason.gerfen at scl.utah.edu

J. Willard Marriott Library
295 S 1500 E, Salt Lake City, UT 84112-0860
801-585-9810

"My girlfriend threated to
 leave me if I went boarding...
 I will miss her."
 ~ DIATRIBE aka FBITKK