[Samba] [bounce] Problem with pam_winbind
Alex Samad
alex at samad.com.au
Thu Nov 5 13:32:08 MST 2009
On Thu, Nov 05, 2009 at 08:16:51AM -0600, Robert LeBlanc wrote:
> >
> >
> > I was wondering if any one has had any thought on this ?
> >
> > or maybe how I would go about trying to debug it..
> >
>
> I haven't used any of the ldap stuff that you are using so it's beyond me at
> this point. I wish I could help more, I know how it is to be in that
> position. Is this just a member workstation/server or is it trying to be a
> DC? To me if it is just a member, I can't see why you would need all the
> LDAP stuff. Security should also probably be ADS as well. Here is my conf
not sure what you mean by all that ldap stuff I have, I understand ads
is stored in M$ ldap
[global]
workgroup = AD
server string = %h server
dns proxy = no
interfaces = 192.168.5.10/24
bind interfaces only = yes
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
netbios name = bblx01
realm =
ad.barbarast.samad.com.au
security = ADS
encrypt passwords = true
password server = *
winbind separator = +
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/false
winbind use default domain =
yes
socket options = TCP_NODELAY
SO_RCVBUF=8192 SO_SNDBUF=8192
> file for a member:
>
> #======================= Global Settings =======================
>
> [global]
> workgroup = domain
> realm = DOMAIN.LOCAL
> preferred master = no
> server string = %h server
> dns proxy = no
>
> #### Debugging/Accounting ####
>
> log file = /var/log/samba/log.%m
> max log size = 1000
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
>
> ####### Authentication #######
>
> security = ADS
> encrypt passwords = true
> passdb backend = tdbsam
> obey pam restrictions = yes
> invalid users = root
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:*
> %n\n *password\supdated\ssuccessfully* .
> pam password change = yes
>
> ########## Printing ##########
>
> load printers = no
> printing = bsd
> printcap name = /dev/null
> show add printer wizard = no
> disable spoolss = yes
>
> ############ Misc ############
>
> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> idmap backend = hash
> winbind nss info = hash
> winbind use default domain = yes
> winbind separator = +
> winbind enum groups = no
> winbind enum users = no
> winbind nested groups = yes
> template homedir = /home/%U
> template shell = /bin/bash
> winbind refresh tickets = yes
> # kerberos method = system keytab # waiting for bug to be fixed
> winbind offline logon = yes
>
> #======================= Share Definitions =======================
>
> Hope that can help any little way it can.
>
> Robert LeBlanc
> Life Sciences & Undergraduate Education Computer Support
> Brigham Young University
--
"And, most importantly, Alma Powell, secretary of Colin Powell, is with us."
- George W. Bush
01/30/2003
Washington, DC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20091106/4095ba85/attachment.pgp>
More information about the samba
mailing list