R: [Samba] security = ads --> invalide user
Urs Golla
urs.golla at gmail.com
Thu May 10 08:03:54 GMT 2007
Hi
Still the same problem...
I think the connection to the domain is ok. because if i use a non existent
user, the log says: "FAILED with error NT_STATUS_NO_SUCH_USER"
If I use a wrong password is gives me also a different error message.
cheers
On 5/10/07, Gianluca Culot <gianlucaculot at dmsware.com> wrote:
>
>
> > -----Messaggio originale-----
> > Da: samba-bounces+gianlucaculot=dmsware.com at lists.samba.org
> > [mailto:samba-bounces+gianlucaculot=dmsware.com at lists.samba.org]Per
> > conto di Urs Golla
> > Inviato: giovedì 10 maggio 2007 9.44
> > A: samba at lists.samba.org
> > Oggetto: [Samba] security = ads --> invalide user
> >
> >
> > Hello
> >
> > I try to run SAMBA with security = ads on AIX 5.3 with SAMBA 3.0.23d.
> > "net ads join" was successful and the machine is now visible in the
> Domain
> > with the netbios name.
> >
> > When I try to access the shares on the machine the log.smbd files says:
> >
> > (...)
> > [2007/05/10 08:58:16, 1] smbd/sesssetup.c:reply_spnego_kerberos(310)
> > Username MYDOMAIN/MYUSERNAME is invalid on this system
> > [2007/05/10 08:58:16, 3] smbd/error.c:error_packet(146)
> > error packet at smbd/sesssetup.c(315) cmd=115 (SMBsesssetupX)
> > NT_STATUS_LOGON_FAILURE
> > (...)
> >
> >
> > ******************************************************
> > smb.conf:
> >
> > [global]
> > winbind separator = /
> > netbios name = MYNETBIOSNAME
> > winbind enum users = yes
> > workgroup = MYDOMAIN
> > winbind enum groups = yes
> > #password server = *
> > password server = MYPASSWORDSERVER
> > encrypt passwords = yes
> > dns proxy = no
> > realm = MYREALM
> > security = ADS
> > wins proxy = no
> > winbind use default domain = Yes
> > client use spnego = yes
> > #idmap uid = 10000-20000
> > #winbind gid = 10000-20000
> > preferred master = no
> > log level = 3
> > wins server = x.x.x.x
> > #auth methods = guest sam winbind
> > #idmap uid = 10000-20000
> > idmap gid = 10000-20000
> >
> >
> > [testsamba]
> > comment = Samba testfolder
> > path = /testsamba
> > read only = no
> > valid users = MYDOMAIN/USERNAME
> >
> > ******************************************************
> >
> > I also maped the domain groups with "net groupmap"
> >
> > # ./net groupmap list
> > Domain Users (S-1-5-21-3687956107-1621720357-3427760348-513) ->
> > domainusers
> > Domain Guests (S-1-5-21-3687956107-1621720357-3427760348-997) -> nobody
> > Administrators (S-1-5-32-544) -> 5000
> > mygroup (S-1-5-21-3687956107-1621720357-3427760348-14001) -> mygroup
> > Users (S-1-5-32-545) -> 5001
> >
> > --> MYDOMAIN/USERNAME is a member of MYDOMAIN/mygroup
> > ****************************************************************
> >
> > Why does it say "invalide user"? I think I should also be able to
> > browse the
> > shares without a valid user...
> >
> > any help is much appreciated!!!
> >
> > Regards
> > Urs
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
> >
>
> I would check
> winbind separator = /
>
> to my knowlegde it should be
> winbind separator = \
>
> or could be commented as its default is \
>
> I've setup a samba 3.0.24,1 on freebsd with ads against a Windows2003
> Server
> and I did not specified Winbind Separator
>
>
>
More information about the samba
mailing list