[Samba] Samba 3.6.23 (IBM version), Windows AD at the functional 2003 level
Rowland penny
rpenny at samba.org
Wed Oct 30 18:54:12 UTC 2019
On 30/10/2019 17:49, Bob Wyatt wrote:
> -----Original Message-----
> From: Rowland penny <rpenny at samba.org>
> Sent: Wednesday, October 30, 2019 4:06 AM
> To: samba at lists.samba.org
> Subject: Re: [Samba] Samba 3.6.23 (IBM version), Windows AD at the functional 2003 level
>
> On 29/10/2019 22:47, Bob Wyatt via samba wrote:
>> My apologies (again!) for asking about this old, venerable release.
>>
>> The client is upgrading to 4.10 or 4.11 in early December.
>>
>>
>>
>> The AIX server was joined to a functional Windows 2000 domain in 2015.
>>
>> The AD server has since been upgraded to functional Windows Server 2003
>> sometime since.
>>
>>
>> Sorry, Rowland - I need to find a better E-mail client for this than Outlook (or change my settings)...
>>
>> Anyway, not knowing whether attachments are accepted, here is an anonymized and shortened (not showing all of the shares) smb.conf file...
>> I added a comment for Joe and Jane...
>>
>> # Samba config file created using SWAT
That is something else that is dead, it no longer exists in supported
Samba versions.
>> # from UNKNOWN (172.16.XXX.yy)
>> # Date: 2015/02/05 11:39:52
>>
>> [global]
>> interfaces = eth0 172.21.xx.yy/255.255.0.0
>> workgroup = domainname
>> security = domain
You really should be using 'security = ADS'
>> encrypt passwords = yes
That is a default setting
>> # Below changed to 172.16.aa.bb for Jane; is Joe's address
>> password server = 172.16.xx.yy
You should remove that line and allow Samba to find the AD DC
>> deadtime = 15
>> load printers = No
>> local master = No
>> remote announce = 172.16.255.255/domainname 172.20.255.255/domainname
'remote announce' is really meant for an NT4-style domain
>> case sensitive = Yes
>> hide dot files = No
>>
>> [homes]
>> path = /home/%u
>> valid users = fjf,root
>> admin users = fjf,root
>> read only = No
>> case sensitive = No
Have you only got two users (fjf & root) ? I ask this because they are
the only users that will get a home dir
>>
>> [printers]
>> comment = All Printers
>> path = /tmp
>> guest ok = Yes
>> printable = Yes
>> browseable = No
>>
>>
Now we come to the main problem, you do not seem to have any
authentication lines.
Do you have your users in /etc/passwd and groups in /etc/group ?
Rowland
More information about the samba
mailing list