[Samba] auth problem

Greg Folkert greg at gregfolkert.net
Thu Sep 22 19:01:54 GMT 2005 

On Thu, 2005-09-22 at 09:43 -0600, Ric Tibbetts wrote:
> Okay, I'll keep asking questions, until I word one in a way that 
> someone will answer. :)
> 
> i'm trying to get Samba setup. I've done this before, and it has 
> never given me this much trouble.
> In short, it seems to be insisting that the user be in smbpasswd 
> (I've not experienced this before).
> 
> If the user is in smbpasswd, all seems well. If not, even though they 
> exist on the server (via ldap + kerberos), I get a user not found error.
> On the last set of servers I did this on, even ones who authenticate 
> via ldap, I never did anything special to samba to get it to work. 
> But I've not been so lucky this time.
> 
> The setup:
> 
> Server: IBM AIX 5.2
> Samba 3.0.14a
> 
> Authentication: LDAP
> Security:  Kerberos
> 
> The user entry in /etc/security/user:
>      <user name>
>                             SYSTEM = "KRB5files"
> 
> smb.conf (in a simple form)
> 
>        [global]
>          workgroup = WIN
>          log level = 5 auth
>          log file = /var/log/samba/%m.log
>          username map = /usr/local/samba/lib/smbusers
> 
> [Homes]
>          comment = User home directories
>          guest ok = no
>          read only = No
> 
> I need the username map because the user names do not match between 
> the windows clients & the samba server. So I need to map the translation.
> 
> 
> When I try to access the system, I get an unknown user error.
> 
> The ONLY thing I need samba to do is provide shares (not shown above) 
> to windows users. Nothing else.
> If, I add a user to samba with smbpasswd .....     then the users can 
> access the shares. If not, they can't.
> I also, in the past have not had a server prompt me for passwords to 
> access shares.
> I'm missing something really obvious.
> I'd really appreciate some assistance on this one.

There is a terribly good howto:

http://www.idealx.org/prj/samba/smbldap-howto.en.html

-- 
greg, greg at gregfolkert.net

The technology that is 
Stronger, Better, Faster: Linux

Use Debian GNU/Linux, its a bazaar thing.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050922/0e0bdcae/attachment.bin

More information about the samba mailing list