[Samba] Fw: Samba as fileserver in an Windows AD Domain

Daniel Bauer mlist at dsb-gmbh.de
Fri Oct 30 10:55:43 MDT 2009


Hi Andrew,

From: "Andrew Masterson" <Andrew.Masterson at nuvistaenergy.com>
>> > I tried to setup a SuSE10.2 with samba 3.0.23d (but the same trouble
> with
>> > SuSE11.1).
>> >
>> > I got a valid Kerberos Ticket and joined successfully the domain
> (with net
>> > join).
>> >
>> > Users and group are displayed with wbinfo -u / -g . I could also
> verify
>> > accounts with wbinfo -a user%pass.
>> >
>> > When I tried to access the shares, the dialog apears to give the
>> > credentials. It doesn't matter what you fill in, there is no access.
>> >
>> > I also could not get users and groups with getent passwd / group. I
> tried
>> > different configs of
>> > /etc/nsswitch.conf with different results:
>> >
>> > only local accounts will be showed:
>> > passwd: compat
>> > group: compat
>> >
>> > local account and the group BUILTIN
>> > passwd: files winbind
>> > group: files winbind
>> >
>> > here are the local account, the BUILTIN group and a new entry like
> this:
>> > "+::0:" are displayed
>> > I think there is a problem with matching Windows LDAP with *nix LDAP
>> > passwd: files winbind ldap
>> > group: files winbind ldap
>> >
>> > My /etc/smb.conf:
>> > [global]
>> >        workgroup = WIN2003SRV
>> >        security = ADS
>> >        realm = win2003srv.loc
>> >        idmap backend = ad
>> >        idmap uid = 10000-20000
>> >        idmap gid = 10000-20000
>> >        template homedir = /home/%D/%U
>> >        winbind separator = +
>> >        password server = 10.1.2.154
>> >        domain master = No
>> >        ldap ssl = no
>> >        winbind use default domain = yes
>> >        winbind enum users = yes
>> >        winbind enum groups = yes
>> >        winbind nested groups = yes
>> >        encrypt passwords = yes
>> >        client use spnego = yes
>> >        wins server = 10.1.2.154
>> >
>> > I see successful logins at the Windows DC.
>> > Do I need LDAP, or is Kerberos enough?
>> > Could somebody tell me what I do wrong?
>> 
>> is really nobody able to give me a hint what to look for?
>> 
> 
> Is nscd running?  If so, turn it off.  I think the default SUSE installs
> have nscd enabled.

no I disabled it, because some guys mentioned trouble with nscd.

Thanks
Daniel


More information about the samba mailing list