[Samba] [bounce] Problem with pam_winbind

Robert LeBlanc robert at leblancnet.us
Thu Nov 5 07:16:51 MST 2009


>
>
> I was wondering if any one has had any thought on this ?
>
> or maybe how I would go about trying to debug it..
>

I haven't used any of the ldap stuff that you are using so it's beyond me at
this point. I wish I could help more, I know how it is to be in that
position. Is this just a member workstation/server or is it trying to be a
DC? To me if it is just a member, I can't see why you would need all the
LDAP stuff. Security should also probably be ADS as well. Here is my conf
file for a member:

#======================= Global Settings =======================

[global]
   workgroup = domain
   realm = DOMAIN.LOCAL
   preferred master = no
   server string = %h server
   dns proxy = no

#### Debugging/Accounting ####

   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d

####### Authentication #######

   security = ADS
   encrypt passwords = true
   passdb backend = tdbsam
   obey pam restrictions = yes
   invalid users = root
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:*
%n\n *password\supdated\ssuccessfully* .
   pam password change = yes

########## Printing ##########

   load printers = no
   printing = bsd
   printcap name = /dev/null
   show add printer wizard = no
   disable spoolss = yes

############ Misc ############

  socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  idmap backend = hash
  winbind nss info = hash
  winbind use default domain = yes
  winbind separator = +
  winbind enum groups = no
  winbind enum users = no
  winbind nested groups = yes
  template homedir = /home/%U
  template shell = /bin/bash
  winbind refresh tickets = yes
#  kerberos method = system keytab # waiting for bug to be fixed
  winbind offline logon = yes

#======================= Share Definitions =======================

Hope that can help any little way it can.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


More information about the samba mailing list