[Samba] Can't access Samba server with NetBIOS Name but OK with IP

Yujie Liang yliang at torus.com.au
Fri Jul 21 01:19:42 GMT 2006 

Hi, folks

I installed samba 3.0.21b-2 with winbind on a Fedora 5 server. I edited 5 files (show below) and join Windows AD by "net join ADS" command.

It worked in the first month. I could access to folders with appropriate permission. Then I found I couldn't access to the server by keying-in "\\smbservername". A pop-up Windows box say "Incorrect password or unknown user". I tried domain\domain-username, domain-username, userNo-in-getent-passwd but none of them worked. However, if I use its IP address such as \\10.10.10.2, it worked as normal. I check DNS record. They all exist in the DNS server. I even key in the DNS record in all hosts file. But no difference.

I also noticed one thing. When I use Windows XP I check the security tag of the folder shared on this FC5. I can see AD username, AD group name and everyone which stand for user, group and others. All check-boxed in front of these username, groupname and everyone are un-checked even if I can access the folders.

What did I do wrong? Shall I edit /etc/pam.d/login file as well? How?

Here is my current /etc/pam.d/login
#%PAM-1.0
auth       required     pam_securetty.so
auth       include      system-auth
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth

Thanks for any comment,
 
Yujie



======Fstab======

LABEL=/home             /home                   ext3    defaults,acl        1 2



======Nsswitch.conf=======

passwd:     files winbind
shadow:     files
group:      files winbind
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   nisplus
publickey:  nisplus
automount:  files nisplus
aliases:    files nisplus


=================Krb5.conf=============

[libdefaults]
 default_realm = COMPANY.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes
[realms]
 COMPANY.COM = {
  kdc = adserver.company.com:88
  admin_server = adserver.company.com:749
  default_domain = company.com
 }
[domain_realm]
 .example.com = COMPANY.COM
 example.com = COMPANY.COM
[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }


=============/etc/samba/smb.conf================

   security = ADS   
   template shell = /bin/false
   template homedir = /home/%D/%U
   idmap uid = 10000-20000
   idmap gid = 10000-20000
   enhanced browsing = no
   winbind use default domain = yes


===============hosts==============
10.10.10.2           fc5.company.com fc5

More information about the samba mailing list