[Samba] [bounce] Problem with pam_winbind

Alex Samad alex at samad.com.au
Thu Nov 5 13:32:08 MST 2009 

On Thu, Nov 05, 2009 at 08:16:51AM -0600, Robert LeBlanc wrote:
> >
> >
> > I was wondering if any one has had any thought on this ?
> >
> > or maybe how I would go about trying to debug it..
> >
> 
> I haven't used any of the ldap stuff that you are using so it's beyond me at
> this point. I wish I could help more, I know how it is to be in that
> position. Is this just a member workstation/server or is it trying to be a
> DC? To me if it is just a member, I can't see why you would need all the
> LDAP stuff. Security should also probably be ADS as well. Here is my conf

not sure what you mean by all that ldap stuff I have, I understand ads
is stored in M$ ldap


[global]
workgroup = AD
server string = %h server
dns proxy = no
interfaces = 192.168.5.10/24
bind interfaces only = yes
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
netbios name = bblx01
realm =
ad.barbarast.samad.com.au
security = ADS
encrypt passwords = true
password server = *
winbind separator = +
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/false
winbind use default domain =
yes
socket options = TCP_NODELAY
SO_RCVBUF=8192 SO_SNDBUF=8192
  

> file for a member:
> 
> #======================= Global Settings =======================
> 
> [global]
>    workgroup = domain
>    realm = DOMAIN.LOCAL
>    preferred master = no
>    server string = %h server
>    dns proxy = no
> 
> #### Debugging/Accounting ####
> 
>    log file = /var/log/samba/log.%m
>    max log size = 1000
>    syslog = 0
>    panic action = /usr/share/samba/panic-action %d
> 
> ####### Authentication #######
> 
>    security = ADS
>    encrypt passwords = true
>    passdb backend = tdbsam
>    obey pam restrictions = yes
>    invalid users = root
>    unix password sync = yes
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:*
> %n\n *password\supdated\ssuccessfully* .
>    pam password change = yes
> 
> ########## Printing ##########
> 
>    load printers = no
>    printing = bsd
>    printcap name = /dev/null
>    show add printer wizard = no
>    disable spoolss = yes
> 
> ############ Misc ############
> 
>   socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>   idmap backend = hash
>   winbind nss info = hash
>   winbind use default domain = yes
>   winbind separator = +
>   winbind enum groups = no
>   winbind enum users = no
>   winbind nested groups = yes
>   template homedir = /home/%U
>   template shell = /bin/bash
>   winbind refresh tickets = yes
> #  kerberos method = system keytab # waiting for bug to be fixed
>   winbind offline logon = yes
> 
> #======================= Share Definitions =======================
> 
> Hope that can help any little way it can.
> 
> Robert LeBlanc
> Life Sciences & Undergraduate Education Computer Support
> Brigham Young University

-- 
"And, most importantly, Alma Powell, secretary of Colin Powell, is with us."

	- George W. Bush
01/30/2003
Washington, DC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20091106/4095ba85/attachment.pgp>

More information about the samba mailing list