[Samba] Unable to log on (authenticating) to a Samba NT Domain
Roberto Mason
baubba at rmasonfamily.info
Thu Oct 19 23:08:48 GMT 2006
I have 4 machines at home:
1 Linux Centos 4.4 running as a PDC
1 Linux Centos domain member running as my file server. Winbind works
properly and I'm able to share files perfectly well
1 Windows XP sp2, member of my domain. No problem accessing files on
Centos domain member
1 Linux Fedora Core 5, also a domain member.
I'm unable to logon my Fedora 5 machine to my domain. I've joined the
domain, Winbind is running. getent passwd and group show my domain
passwd and group information properly. wbinfo -u return my users
(including domain)
[root at fedora ~]# wbinfo -u
MEPHISTOPHELES\root
MEPHISTOPHELES\baubba
MEPHISTOPHELES\linuxbasic
MEPHISTOPHELES\jo-ann
MEPHISTOPHELES\roberto
MEPHISTOPHELES\programmer
MEPHISTOPHELES\desrochers
[root at fedora ~]# wbinfo -g
BUILTIN\administrators
BUILTIN\users
MEPHISTOPHELES\print operators
MEPHISTOPHELES\replicators
MEPHISTOPHELES\account operators
MEPHISTOPHELES\domain guests
MEPHISTOPHELES\backup operators
MEPHISTOPHELES\system operators
MEPHISTOPHELES\domain admins
MEPHISTOPHELES\domain users
[root at fedora ~]#
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
pcap:x:77:77::/var/arpwatch:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
hsqldb:x:96:96::/var/lib/hsqldb:/sbin/nologin
tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
vdr:x:100:101:Video Disk Recorder:/srv/vdr:/sbin/nologin
MEPHISTOPHELES
\root:*:16777216:16777216:root:/home/MEPHISTOPHELES/root:/bin/bash
MEPHISTOPHELES\baubba:*:16777217:16777216:Roberto
Mason:/home/MEPHISTOPHELES/baubba:/bin/bash
MEPHISTOPHELES\linuxbasic:*:16777218:16777216:Roberto
Mason:/home/MEPHISTOPHELES/linuxbasic:/bin/bash
MEPHISTOPHELES\jo-ann:*:16777219:16777216:Jo-Ann
Mason:/home/MEPHISTOPHELES/jo-ann:/bin/bash
MEPHISTOPHELES\roberto:*:16777220:16777216:Roberto
Mason:/home/MEPHISTOPHELES/roberto:/bin/bash
MEPHISTOPHELES\programmer:*:16777221:16777216:Roberto
Mason:/home/MEPHISTOPHELES/programmer:/bin/bash
MEPHISTOPHELES\desrochers:*:16777222:16777216:Guillaume
Desrochers:/home/MEPHISTOPHELES/desrochers:/bin/bash
[root at fedora ~]# getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
dbus:x:81:
rpm:x:37:
utmp:x:22:
distcache:x:94:
apache:x:48:
ntp:x:38:
nscd:x:28:
floppy:x:19:
vcsa:x:69:
mysql:x:27:
webalizer:x:67:
screen:x:84:
squid:x:23:
netdump:x:34:
pcap:x:77:
slocate:x:21:
avahi:x:70:
named:x:25:
mailnull:x:47:
smmsp:x:51:
haldaemon:x:68:
rpc:x:32:
xfs:x:43:
hsqldb:x:96:
tomcat:x:91:
rpcuser:x:29:
nfsnobody:x:65534:
gdm:x:42:
sshd:x:74:
video:x:101:
MEPHISTOPHELES\print operators:*:16777219:
MEPHISTOPHELES\replicators:*:16777220:MEPHISTOPHELES\root
MEPHISTOPHELES\account operators:*:16777221:MEPHISTOPHELES\root
MEPHISTOPHELES\domain guests:*:16777222:
MEPHISTOPHELES\backup operators:*:16777223:MEPHISTOPHELES\root
MEPHISTOPHELES\system operators:*:16777224:MEPHISTOPHELES\root
MEPHISTOPHELES\domain admins:*:16777225:MEPHISTOPHELES\roberto
MEPHISTOPHELES\domain users:*:16777226:MEPHISTOPHELES
\roberto,MEPHISTOPHELES\baubba,MEPHISTOPHELES\linuxbasic,MEPHISTOPHELES
\programmer,MEPHISTOPHELES\jo-ann
BUILTIN\administrators:*:16777217:
BUILTIN\users:*:16777218:
[root at fedora ~]#
Winbind seems to be properly configured, I'm including my full smb.conf
file settings
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2006/10/19 19:04:04
[global]
workgroup = MEPHISTOPHELES
server string = Samba Server
security = DOMAIN
password server = 192.168.1.10
log file = /var/log/samba/%m.log
max log size = 50
acl compatibility = winnt
server signing = auto
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
printcap name = /etc/printcap
preferred master = No
domain master = No
dns proxy = No
wins server = 192.168.1.10
ldap ssl = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
finally my nnswitch.conf file
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files winbind
shadow: files winbind
group: files winbind
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files winbind
rpc: files
services: files winbind
netgroup: files winbind
publickey: nisplus
automount: files winbind
aliases: files nisplus
I know it's alot of information, but here it is all. When i try to log in using roberto (my domain member name) and password, i get a AUTHENCATION FAILED message. Any idea what's not working?
Thank You
More information about the samba
mailing list