is anyone using a samba server with in an NT domain where it is authenticating users back to the NT domain controller? if so I would like to here from you and see your smb.conf file thanks....larry
ok ...now I am getting somewhere. I changed the security domain and passwd server = "passwd server" and I am now able to log in lickety split. no problems. I was using security = server. and I would get problems like you wouldn't believe. now it seems to work fine, oh yea, passwd are encrypted too.....thanks Bill Grzanich wrote:> > Hi, Larry. > > > is anyone using a samba server with in an NT domain where it is > > authenticating users back to the NT domain controller? if so I would > > like to here from you and see your smb.conf file thanks....larry > > > > I've been following your discussion in the mailing list. I've attached an > abbreviated copy of my smb.conf for your review. We have one Linux server > (RedHat 6.2) and two NT servers in our network. One of the NT servers is > the PDC and is used to authenticate users. I've deleted some of the printer > and user shares to reduce the file size, but I've left the [global] section > intact. I hope this helps. > > -Bill > > ------------------------------------------------------------------------ > Name: smb.conf > smb.conf Type: unspecified type (application/octet-stream) > Encoding: 7bit
Larry Clark wrote:> is anyone using a samba server with in an NT domain where it is > authenticating users back to the NT domain controller? if so I would > like to here from you and see your smb.conf file thanks....larry >=====================================; ; /etc/smb.conf ; ; Copyright (c) 1999 SuSE GmbH Nuernberg, Germany. ; ; Angepasst August 2000 k&w ; [global] workgroup = <your Domainname> netbios name = <your Sambaserver> server string = Samba %v on %L (Serverraum UG) announce version = 4.0 guest account = nobody ; Inaktive Client Connections abbrechen keep alive = 60 deadtime = 5 os level = 2 guest ok = yes ; Keine performance optionen ein kernel oplocks = false oplocks = no log level = 1 max log size = 1000 max open files = 1000 ; Differenzen der Filesysteme ausgleichen map archive = yes map system = yes map hidden = yes dos filetimes = yes dos filetime resolution = yes ; Keine Druckerfreigaben printing = bsd printcap name = /etc/printcap load printers = no ; Kleine Packet zulassen, ? socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE map to guest = Bad User ; Passwort Anfragen an BDC ; Samba nicht als Master Browser security = domain encrypt passwords = yes password server = <your BDC> <your PDC> username map = /etc/smbuser.map local master = no ======================================= Note : 1.) You have to create all users which will connect in your /etc/passwd (but not in /etc/smbpasswd). The user must have the same username as in the domain. Usernames which are to long can be matched using the "username map". 2.) You must add an account to your Domain with your Samba-Netbiosname. The type "smbpasswd -j <your domain> -r <your PDC>" on the SAMBA-Server to join the domain. Hope this helps -- Andreas H?dle (Systemadministration) K?hn & Weyh Software GmbH Linnestr. 1-3 79110 Freiburg WWW.KWSOFT.DE
Chris Herrmann wrote:> > hmm... i can understand why there would be a lag - samba has to find a > pdc/bdc and ask it to authenticate but you don't want that to be really > slow... is it just the initial bit that's slow, or any time they connect to > a share? > > -----Original Message----- > From: root [mailto:root]On Behalf Of Larry Clark > Sent: Thursday, 25 January 2001 12:38 > To: Chris Herrmann > Subject: Re: samba in an NT Domain? > > man this sux......well I got this smb file from this guy and was looking > at it. and so I changed the security and changed it to domain. well it > worked for me, but with all the ohers users it made them lag and soime > didn't connect. takes to long to authenticate. I think it may have > something to do with novell on our wire, not sure. but when I change it > back to security = user, and disable passwd server =......then they all > connect really fast with no problems......weird huh? > > Chris Herrmann wrote: > > > > so now you're using security = domain ??? > > > > -----Original Message----- > > From: samba-admin@lists.samba.org [mailto:samba-admin@lists.samba.org]On > > Behalf Of Larry Clark > > Sent: Thursday, 25 January 2001 12:00 > > To: Bill Grzanich; samba@lists.samba.org > > Subject: Re: samba in an NT Domain? > > > > ok ...now I am getting somewhere. I changed the security domain and > > passwd server = "passwd server" and I am now able to log in lickety > > split. no problems. I was using security = server. and I would get > > problems like you wouldn't believe. now it seems to work fine, oh yea, > > passwd are encrypted too.....thanks > > > > Bill Grzanich wrote: > > > > > > Hi, Larry. > > > > > > > is anyone using a samba server with in an NT domain where it is > > > > authenticating users back to the NT domain controller? if so I would > > > > like to here from you and see your smb.conf file thanks....larry > > > > > > > > > > I've been following your discussion in the mailing list. I've attached > an > > > abbreviated copy of my smb.conf for your review. We have one Linux > server > > > (RedHat 6.2) and two NT servers in our network. One of the NT servers > is > > > the PDC and is used to authenticate users. I've deleted some of the > > printer > > > and user shares to reduce the file size, but I've left the [global] > > section > > > intact. I hope this helps. > > > > > > -Bill > > > > > > ------------------------------------------------------------------------ > > > Name: smb.conf > > > smb.conf Type: unspecified type (application/octet-stream) > > > Encoding: 7bit
it's just the initial connect. well its official, and I don't know what it is, but after changeing my security to user mode, the disabling the passwd server line, and then coming in this morning, it is still giving me problems connecting and logging in....not as bad though, but still 2 shares didn't connect but the third one did, and I think because there was already somone connected to the second samba machine, I was able to connect with no problems......samba is funny.....oh well........guess I will plug away at it some more today..thanks Chris Herrmann wrote:> > hmm... i can understand why there would be a lag - samba has to find a > pdc/bdc and ask it to authenticate but you don't want that to be really > slow... is it just the initial bit that's slow, or any time they connect to > a share? > > -----Original Message----- > From: root [mailto:root]On Behalf Of Larry Clark > Sent: Thursday, 25 January 2001 12:38 > To: Chris Herrmann > Subject: Re: samba in an NT Domain? > > man this sux......well I got this smb file from this guy and was looking > at it. and so I changed the security and changed it to domain. well it > worked for me, but with all the ohers users it made them lag and soime > didn't connect. takes to long to authenticate. I think it may have > something to do with novell on our wire, not sure. but when I change it > back to security = user, and disable passwd server =......then they all > connect really fast with no problems......weird huh? > > Chris Herrmann wrote: > > > > so now you're using security = domain ??? > > > > -----Original Message----- > > From: samba-admin@lists.samba.org [mailto:samba-admin@lists.samba.org]On > > Behalf Of Larry Clark > > Sent: Thursday, 25 January 2001 12:00 > > To: Bill Grzanich; samba@lists.samba.org > > Subject: Re: samba in an NT Domain? > > > > ok ...now I am getting somewhere. I changed the security domain and > > passwd server = "passwd server" and I am now able to log in lickety > > split. no problems. I was using security = server. and I would get > > problems like you wouldn't believe. now it seems to work fine, oh yea, > > passwd are encrypted too.....thanks > > > > Bill Grzanich wrote: > > > > > > Hi, Larry. > > > > > > > is anyone using a samba server with in an NT domain where it is > > > > authenticating users back to the NT domain controller? if so I would > > > > like to here from you and see your smb.conf file thanks....larry > > > > > > > > > > I've been following your discussion in the mailing list. I've attached > an > > > abbreviated copy of my smb.conf for your review. We have one Linux > server > > > (RedHat 6.2) and two NT servers in our network. One of the NT servers > is > > > the PDC and is used to authenticate users. I've deleted some of the > > printer > > > and user shares to reduce the file size, but I've left the [global] > > section > > > intact. I hope this helps. > > > > > > -Bill > > > > > > ------------------------------------------------------------------------ > > > Name: smb.conf > > > smb.conf Type: unspecified type (application/octet-stream) > > > Encoding: 7bit