[Samba] Domain Logins

Bernhard Pöttinger b.poettinger at mpwi.at
Mon Sep 18 10:58:50 GMT 2006


Hi,

I have trouble logging in to my SAMBA domain. Joining the
workstations to the domain was no problem, and browsing shares is no problem, but
domain login does not work.

I'm running centos 4.3;

rpm -qa |grep samba
system-config-samba-1.2.21-1
samba-client-3.0.10-1.4E.9
samba-3.0.10-1.4E.9
samba-common-3.0.10-1.4E.9

rpm -qa |grep openldap
openldap-clients-2.2.13-6.4E
openldap-devel-2.2.13-6.4E
openldap-2.2.13-6.4E
openldap-servers-2.2.13-6.4E

; Global settings for a Samba 3.0.x server acting as domain controller
; (domain logons = yes) with its account database in LDAP.
[global]
    ; Basic server settings
    netbios name = PDC-SRV
    server string = GBW File Server
    workgroup = GBW
    # client use spnego = yes

    ; Logging
    ;log level = 0
    ; NOTE(review): class levels of 99 for passdb and auth are troubleshooting
    ; settings. Logs at this verbosity may contain sensitive authentication
    ; detail: keep the log files readable by root only, scrub them before
    ; posting anywhere public, and return to a low level afterwards.
    log level = 3 passdb:99 auth:99 winbind:2


    ; Only this address/subnet is listed. The hosts allow line below is
    ; commented out, so no host-based restriction is set in the lines shown.
    interfaces = 192.168.118.2/24
;    hosts allow = 192.168.0. 127. 192.168.10.

    ;Character Mapping for Mac Compatibility
    ;character set = iso8859-1
    ;client code page = 437
    ;valid chars = *
    ;mangle case = no

; should act as the domain and local master browser
    os level = 64
    preferred master = yes
    domain master = yes
    local master = yes

; SAMBA LDAP stuff
;    passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
;    passwd chat    = *new*password* %n\n *new*password* %n\n *sucessfully*
;    unix password sync = Yes
    ldap passwd sync = yes
    ; NOTE(review): passdb backend is assigned twice. Only one value can be
    ; in effect (presumably the later ldapsam line; confirm with testparm),
    ; so the line that is not wanted should be commented out.
    passdb backend = "ldapsam_compat:ldap://ldap.intern.gbw.at"
    passdb backend = "ldapsam:ldap://ldap.intern.gbw.at"
    idmap  backend = "ldap:ldap://ldap.intern.gbw.at"
    ldap suffix = dc=intern,dc=gbw,dc=at
    ; DN that Samba binds as for its LDAP reads and writes.
    ; NOTE(review): cn=Manager looks like the directory's root DN (confirm).
    ; A dedicated account with ACLs limited to the Samba subtrees would
    ; limit what this server can change in the directory.
    ldap admin dn = cn=Manager,dc=intern,dc=gbw,dc=at
    ldap machine suffix = ou=Computers
    ldap user suffix = ou=Users
    ldap group suffix = ou=Groups
    ; NOTE(review): with ldap ssl = No the connection to ldap.intern.gbw.at
    ; is not TLS-protected, so the admin bind and the password hashes Samba
    ; reads and writes cross the network in the clear unless the LDAP server
    ; is on this host or a protected link. Consider "start tls" once
    ; logons work.
    ldap ssl = No
    ldap delete dn = no

; smbldap tools
    ; Account-management hooks; %u and %g are replaced with the user and
    ; group name before the command is run.
    ; NOTE(review): smbd presumably runs these with root privileges (confirm),
    ; so the scripts and their configuration should be writable by root only.
    add user script = /usr/sbin/smbldap-useradd -m "%u"
    add machine script = /usr/sbin/smbldap-useradd -t 5 -w "%u"
    add group script = /usr/sbin/smbldap-groupadd -p "%g"
    add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
    set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"


    ; security settings (must use security = user)
    security = user

    ; encrypted passwords are a requirement for a PDC
    encrypt passwords = yes
    ; support domain logons
    domain logons = yes

    ;domain admin group = administrator root bernhard leonard

    ; where to store user profiles?
    ; logon path = \\%N\profiles\%u
    ; set to an empty value here, so no profile path is configured
    logon path =

    ; where is a user's home directory and where should it
    ; be mounted at?
    ; logon drive = z:
    ; logon home = \\FILE_SRV\unixhomes
    ; both set to empty values here
    logon drive =
    logon home =

    ; specify a generic logon script for all users
    ; this is a relative **DOS** path to the [netlogon] share
    ; logon script = logon.cmd
    ; NOTE(review): this script runs on every client at logon, so anyone who
    ; can write to the [netlogon] directory controls code run on all
    ; workstations.
    logon script = logon.cmd

; necessary share for domain controller
; Holds the logon script named by "logon script" in [global].
[netlogon]
    comment = Network Logon Service
    path = /opt/smb/netlogon
    ; Guest access is allowed, but the share is read-only over SMB
    ; (writable = no).
    ; NOTE(review): files here are executed by clients at logon, so the Unix
    ; permissions on the path should allow writes by administrators only.
    guest ok = yes
    writable = no
    ; NOTE(review): presumably turns off honoring of share (deny) modes on
    ; open; check the smb.conf man page for this Samba version before
    ; keeping a non-default value.
    share modes = no
    ; read only = yes
    ; write list = ntadmin
; share for storing user profiles
; Note: logon path in [global] is set to an empty value, so the lines shown
; do not point clients at this share.
[profiles]
    path = /opt/smb/ntprofile
    ; read only = no and writable = yes (below) express the same setting twice
    read only = no
    ; permission bits allowed on new files (owner read/write) and new
    ; directories (owner only)
    create mask = 0600
    directory mask = 0700
    browsable = yes
    writable = yes
; Per-user home directories, exposed through a single share.
; NOTE(review): this is an ordinary share named "home", not the special
; [homes] section; confirm that is intended.
[home]
    comment = Home Directories
    ; %u is replaced with the connecting user's name, so each user is mapped
    ; to a directory of that name under /opt/home.
    path = /opt/home/%u
    browsable = yes
    writable = yes
; Shared data area.
; NOTE(review): no valid users or write list is set, so with security = user
; any authenticated account can connect and write here, limited only by the
; Unix permissions on /opt/data. Restrict by user or group if that is broader
; than intended.
[data]
    comment = Daten
    path=/opt/data
    browsable = yes
    ; "writeable" is an alternate spelling of "writable" used in the other shares
    writeable = yes
    ; Masks are written without a leading zero; presumably still read as octal
    ; (confirm with testparm). As octal they permit group write and world read
    ; on new files, and world read/search on new directories.
    create mask = 664
    directory mask = 775

best regards and thanks for help
bernhard

