[Samba] windows SID are unknown for a samba member server?
alazarev at itg.uiuc.edu
Thu Aug 31 20:45:48 GMT 2006
On Thu, 31 Aug 2006, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Alexander Lazarevich wrote:
>>> testparm on smb.conf is fine:
>>> [root at zeus lib]# testparm
>>> Load smb config files from /usr/local/encap/samba-3.0.23a/lib/smb.conf
>>> Processing section "[homes]"
>>> Processing section "[staff]"
>>> Processing section "[users]"
>>> Loaded services file OK.
>>> Server role: ROLE_DOMAIN_MEMBER
> This is wrong for security = server. What version
> are you running ? I'd also suggest security = domain
We run samba 3.0.23a. Looking at smb.conf man pages, maybe you are right.
Security = server has worked great for us for years, and it still works
fine in older versions of samba. We don't want our samba servers to be
domain members, we just want them to auth to an NT4 PDC. That's what I
thought security = server was supposed to do. But maybe a switch to
security = domain will fix our SID problems.
What is odd is that the samba server that does NOT have this SID problem
(RHEL3-AS x86, running the stock redhat RPM [samba-3.0.9-1.3E.10]) also
reports back a testparm of the same thing:
[root at apache root]# testparm
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
The smb.conf here is:
server string = Samba server
interfaces = xxxxx
wins server = xxxxx
domain master = no
domain logons = no
preferred master = no
netbios name = hostname
announce version = 1.0
getwd cache = yes
wide links = yes
preserve case = yes
load printers = no
password level = 8
security = server
password server = IP of NT4 PDC
workgroup = DUDESDOMAIN
time server = no
#status = yes
encrypt passwords = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY
hosts allow = xxxxxxx
log file = /var/log/samba/hostname-samba.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
More information about the samba