[Samba] authentication problems with Samba 3.1.2
Benoit Callebaut
bc at cetic.be
Thu Jun 15 15:47:09 GMT 2006
Hello,
I have set up a samba server 3.1.2.
I want to run it as a PDC.
Final target is to use it with LDAP and Kerberos.
At the moment I use tdbsam as backend.
I have authentication problems. Everything is running, I have set the
root password, I have created some user account on SAMBA and UNIX.
I am lost. I followed the docs (Examples) except for the firewalling and
BDC setup (I don't need it at the moment).
smbd, nmbd & winbind are running
I did the following tests:
smbclient //debdell/public
result OK. I can list the content of the share
net USER ADD <username>
result OK : output is : Added user<username>
smbclient -L localhost -U%
result OK : I can see the server and the fact that the sever is the
master for the workgroup I have set up.
wbinfo -u
result NOK: output is : Error looking up domain users
net rpc join -U administrator
Password:
Could not connect to server DEBDELL
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
net rpc join -U root
Password:
Creation of workstation account failed
Unable to join domain CETIC1.
here is my smb.conf:
# Samba config file created using SWAT
# from 192.168.0.39 (192.168.0.39)
# Date: 2006/06/12 12:02:34
[global]
netbios name = CETIC1
workgroup = CETIC1
server string = %h server (Samba %v)
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
security = user
local master = yes
domain master = yes
domain logons = yes
os level = 33
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = wins bcast hosts
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -d /var/lib/nobody -g 100
-s /bin/false -M %u
logon script = scripts\logon.bat
logon path =
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
domain logons = Yes
dns proxy = No
panic action = /usr/share/samba/panic-action %d
# invalid users = root
include = /etc/samba/dhcp.conf
winbind separator = /
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
[homes]
comment = Home Directories
create mask = 0700
directory mask = 0700
browseable = No
[printers]
comment = All Printers
path = /var/lib/samba/printers
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[public]
path = /var/lib/samba/public
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon/%U
valid users = %S
read only = yes
[profiles]
path = /var/lib/samba/profiles
read only = no
create mask = 0600
More information about the samba
mailing list