Hi, Ive Samba 2.2.2 installed on RH7.2. Ive copied all the correct links across and edited my smb.conf file to include the following: ----------------------- [global] winbind separator = + winbind uid = 20001-30000 winbind gid = 20001-30000 winbind enum users = yes winbind enum groups = yes template shell = /bin/bash template homedir = /home/winnt/%D/%U workgroup = DWU server string = Samba GIMLI Server security = domain password server = DROMADER encrypt passwords = yes wins support = no wins server = 192.168.10.2 domain logons = no preferred master = no local master = no netbios name = gimli domain master = no log file = /var/log/samba/log.%m max log size = 5000 nt pipe support = yes log level = 10 [homes] comment = home browseable = no writable = yes ------------------------ In /etc/nsswitch.conf put the following: passwd: files winbind nisplus shadow: files winbind nisplus group: files winbind nisplus Also adding the following to '/etc/pam.d/system-auth' auth sufficient /lib/security/pam_winbind.so use_first_pass after the line which reads auth sufficient /lib/security/pam_unix.so likeauth nullok My '/etc/pam.d/samba' auth requisite /lib/security/pam_securetty.so auth requisite pam_nologin.so auth optional pam_env.so auth sufficient pam_winbind.so auth sufficient pam_pwdb.so shadow nullok use_first_pass account sufficient pam_winbind.so account required pam_pwdb.so shadow nullok session required /lib/security/pam_mkhomedir.so session required pam_pwdb.so shadow nullok session optional pam_lastlog.so session optional pam_mail.so session optional pam_motd.so password required pam_pwdb.so shadow nullok -------------------------------------------------------------------- then I ran: smbpasswd -j DWU -r DROMADER -U admin password: password That got accepted into the domain: joined domain DWU I then started winbindd and checked the output of 'wbinfo -t' which ouputed: secret is o.k I then ran : wbinfo -u Error looking up domain users Also if I run wbinfo -m It just takes me back to the prompt. What doing??? -- Piotr Paszy?ski
did you do an 'ldconfig -v | grep winbind' to install the libraries ? -----Original Message----- From: Piotr Paszynski [mailto:Safon@jedynka.com.pl] Sent: 29 January 2002 12:39 To: samba@lists.samba.org Subject: [Samba]Winbind and RH7.2 Hi, Ive Samba 2.2.2 installed on RH7.2. Ive copied all the correct links across and edited my smb.conf file to include the following: ----------------------- [global] winbind separator = + winbind uid = 20001-30000 winbind gid = 20001-30000 winbind enum users = yes winbind enum groups = yes template shell = /bin/bash template homedir = /home/winnt/%D/%U workgroup = DWU server string = Samba GIMLI Server security = domain password server = DROMADER encrypt passwords = yes wins support = no wins server = 192.168.10.2 domain logons = no preferred master = no local master = no netbios name = gimli domain master = no log file = /var/log/samba/log.%m max log size = 5000 nt pipe support = yes log level = 10 [homes] comment = home browseable = no writable = yes ------------------------ In /etc/nsswitch.conf put the following: passwd: files winbind nisplus shadow: files winbind nisplus group: files winbind nisplus Also adding the following to '/etc/pam.d/system-auth' auth sufficient /lib/security/pam_winbind.so use_first_pass after the line which reads auth sufficient /lib/security/pam_unix.so likeauth nullok My '/etc/pam.d/samba' auth requisite /lib/security/pam_securetty.so auth requisite pam_nologin.so auth optional pam_env.so auth sufficient pam_winbind.so auth sufficient pam_pwdb.so shadow nullok use_first_pass account sufficient pam_winbind.so account required pam_pwdb.so shadow nullok session required /lib/security/pam_mkhomedir.so session required pam_pwdb.so shadow nullok session optional pam_lastlog.so session optional pam_mail.so session optional pam_motd.so password required pam_pwdb.so shadow nullok -------------------------------------------------------------------- then I ran: smbpasswd -j DWU -r DROMADER -U admin password: password That got accepted into the domain: joined domain DWU I then started winbindd and checked the output of 'wbinfo -t' which ouputed: secret is o.k I then ran : wbinfo -u Error looking up domain users Also if I run wbinfo -m It just takes me back to the prompt. What doing??? -- Piotr Paszy?ski -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Hi Piotr, I don't see anything wrong with your config; with a log level = 10 ,you should have a pretty substantial /var/log/samba/log.winbindd; you should be able to look at that after your wbinfo -u and get a hint as to whats going wrong... Note that wbinfo -m comming back to the prompt without information is not unusual, esp. if the domain you have joined HAS no trusts established with any other domains.... Hope this helps, Don -----Original Message----- From: Piotr Paszynski [mailto:Safon@jedynka.com.pl] Sent: Tuesday, January 29, 2002 7:39 AM To: samba@lists.samba.org Subject: [Samba]Winbind and RH7.2 Hi, Ive Samba 2.2.2 installed on RH7.2. Ive copied all the correct links across and edited my smb.conf file to include the following: ----------------------- [global] winbind separator = + winbind uid = 20001-30000 winbind gid = 20001-30000 winbind enum users = yes winbind enum groups = yes template shell = /bin/bash template homedir = /home/winnt/%D/%U workgroup = DWU server string = Samba GIMLI Server security = domain password server = DROMADER encrypt passwords = yes wins support = no wins server = 192.168.10.2 domain logons = no preferred master = no local master = no netbios name = gimli domain master = no log file = /var/log/samba/log.%m max log size = 5000 nt pipe support = yes log level = 10 [homes] comment = home browseable = no writable = yes ------------------------ In /etc/nsswitch.conf put the following: passwd: files winbind nisplus shadow: files winbind nisplus group: files winbind nisplus Also adding the following to '/etc/pam.d/system-auth' auth sufficient /lib/security/pam_winbind.so use_first_pass after the line which reads auth sufficient /lib/security/pam_unix.so likeauth nullok My '/etc/pam.d/samba' auth requisite /lib/security/pam_securetty.so auth requisite pam_nologin.so auth optional pam_env.so auth sufficient pam_winbind.so auth sufficient pam_pwdb.so shadow nullok use_first_pass account sufficient pam_winbind.so account required pam_pwdb.so shadow nullok session required /lib/security/pam_mkhomedir.so session required pam_pwdb.so shadow nullok session optional pam_lastlog.so session optional pam_mail.so session optional pam_motd.so password required pam_pwdb.so shadow nullok -------------------------------------------------------------------- then I ran: smbpasswd -j DWU -r DROMADER -U admin password: password That got accepted into the domain: joined domain DWU I then started winbindd and checked the output of 'wbinfo -t' which ouputed: secret is o.k I then ran : wbinfo -u Error looking up domain users Also if I run wbinfo -m It just takes me back to the prompt. What doing??? -- Piotr Paszy?ski -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
> -----Original Message----- > From: Noel Kelly [mailto:nkelly@tarsus.co.uk] > Sent: Tuesday, January 29, 2002 3:45 PM > To: 'Piotr Paszynski' > Subject: RE: [Samba]Winbind and RH7.2 > > > 'getent passwd' does not work ? can u ping by netbios name ?'getent passwd' returns only local users I can ping by netbios name and i see samba share from another computers. General, samba works, only wbinfo -u and wbinfo -g returns me: 'error looking up domain users' or 'Error looking up domain groups'. 'wbinfo -n DarekNT' returns good SID 'wbinfo -n "Domain Users"' returns correct SID log.winbindd after 'wbinfo -u' : ---------- [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32s(713) 0060 sub_auths : 00000015 4fd00fa0 7c906d38 00d64d56 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32(547) 0070 num_entries: 00000001 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32(547) 0074 ptr_entries: 0019c3d0 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32(547) 0078 num_entries2: 00000001 [2002/01/30 09:39:48, 6] rpc_parse/parse_prs.c:prs_debug(63) 00007c smb_io_dom_rid2 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint8(489) 007c type : 02 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32(547) 0080 rid : 00000200 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32(547) 0084 rid_idx: 00000000 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32(547) 0088 mapped_count: 00000001 [2002/01/30 09:39:48, 5] rpc_parse/parse_prs.c:prs_uint32(547) 008c status : 00000000 [2002/01/30 09:39:48, 5] nsswitch/winbindd.c:client_read(404) read failed on sock 17, pid 1290: EOF -------------> -----Original Message----- > From: Piotr Paszynski [mailto:Safon@jedynka.com.pl] > Sent: 29 January 2002 14:33 > To: Noel Kelly > Subject: RE: [Samba]Winbind and RH7.2 > > > > > > did you do an 'ldconfig -v | grep winbind' to install the libraries ? > > Yes. And compile, configure direct Youre procedure... > > > -----Original Message----- > > From: Piotr Paszynski [mailto:Safon@jedynka.com.pl] > > Sent: 29 January 2002 12:39 > > To: samba@lists.samba.org > > Subject: [Samba]Winbind and RH7.2 > > > > > > Hi, > > > > Ive Samba 2.2.2 installed on RH7.2. > > Ive copied all the correct links across and edited my smb.conf file to > > include the following: > > ----------------------- > > [global] > > winbind separator = + > > winbind uid = 20001-30000 > > winbind gid = 20001-30000 > > winbind enum users = yes > > winbind enum groups = yes > > template shell = /bin/bash > > template homedir = /home/winnt/%D/%U > > > > workgroup = DWU > > server string = Samba GIMLI Server > > security = domain > > password server = DROMADER > > encrypt passwords = yes > > wins support = no > > wins server = 192.168.10.2 > > domain logons = no > > preferred master = no > > local master = no > > netbios name = gimli > > domain master = no > > log file = /var/log/samba/log.%m > > max log size = 5000 > > nt pipe support = yes > > log level = 10 > > > > [homes] > > comment = home > > browseable = no > > writable = yes > > ------------------------ > > In /etc/nsswitch.conf put the following: > > > > passwd: files winbind nisplus > > shadow: files winbind nisplus > > group: files winbind nisplus > > > > Also adding the following to '/etc/pam.d/system-auth' > > > > auth sufficient /lib/security/pam_winbind.so use_first_pass > > after the line which reads > > auth sufficient /lib/security/pam_unix.so likeauth nullok > > > > My '/etc/pam.d/samba' > > > > auth requisite /lib/security/pam_securetty.so > > auth requisite pam_nologin.so > > auth optional pam_env.so > > auth sufficient pam_winbind.so > > auth sufficient pam_pwdb.so shadow nullok use_first_pass > > account sufficient pam_winbind.so > > account required pam_pwdb.so shadow nullok > > session required /lib/security/pam_mkhomedir.so > > session required pam_pwdb.so shadow nullok > > session optional pam_lastlog.so > > session optional pam_mail.so > > session optional pam_motd.so > > password required pam_pwdb.so shadow nullok > > -------------------------------------------------------------------- > > > > then I ran: > > > > smbpasswd -j DWU -r DROMADER -U admin > > password: password > > > > That got accepted into the domain: joined domain DWU > > > > I then started winbindd and checked the output of 'wbinfo -t' > > which ouputed: secret is o.k > > I then ran : > > > > wbinfo -u > > Error looking up domain users > > > > Also if I run wbinfo -m > > It just takes me back to the prompt. > > > > What doing??? > > > > -- > > Piotr Paszy?ski > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba
What does "wbinfo -t" say? Is the DC in native mode? Are you running Service packs on the domain controller? Try what's suggested in this mail (especially if wbinfo -t works, but wbinfo -u does not): http://lists.samba.org/pipermail/samba-technical/2001-October/032017.html Buchan> Message: 7 > From: "Piotr Paszynski" <Safon@jedynka.com.pl> > To: "Samba List" <samba@lists.samba.org>, > "Noel Kelly" <nkelly@tarsus.co.uk> > Date: Wed, 30 Jan 2002 10:21:20 +0100 > Subject: [Samba] RE: [Samba]Winbind and RH7.2 > > > > >> -----Original Message----- >> From: Noel Kelly [mailto:nkelly@tarsus.co.uk] >> Sent: Tuesday, January 29, 2002 3:45 PM >> To: 'Piotr Paszynski' >> Subject: RE: [Samba]Winbind and RH7.2 >> >> >> 'getent passwd' does not work ? can u ping by netbios name ? > > > 'getent passwd' returns only local users > I can ping by netbios name and i see samba share from another computers. > General, samba works, only wbinfo -u and wbinfo -g returns me: 'error > looking up domain users' or 'Error looking up domain groups'. > 'wbinfo -n DarekNT' returns good SID > 'wbinfo -n "Domain Users"' returns correct SID > > log.winbindd after 'wbinfo -u' : > >-- |----------------Registered Linux User #182071-----------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 808 2497 ext 202 Stellenbosch Automotive Engineering http://www.cae.co.za
I'm having this same problem. My wbinfo -t says "could not check secret" My DC is in native mode, service pack 2 on the DC Checked the web link provided, It was already set up correctly. -----Original Message----- From: Buchan Milne [mailto:bgmilne@cae.co.za] Sent: Wednesday, January 30, 2002 11:16 AM To: Piotr Paszynski Cc: samba@lists.samba.org Subject: Re: [Samba] RE: [Samba]Winbind and RH7.2 What does "wbinfo -t" say? Is the DC in native mode? Are you running Service packs on the domain controller? Try what's suggested in this mail (especially if wbinfo -t works, but wbinfo -u does not): http://lists.samba.org/pipermail/samba-technical/2001-October/032017.htm l Buchan> Message: 7 > From: "Piotr Paszynski" <Safon@jedynka.com.pl> > To: "Samba List" <samba@lists.samba.org>, > "Noel Kelly" <nkelly@tarsus.co.uk> > Date: Wed, 30 Jan 2002 10:21:20 +0100 > Subject: [Samba] RE: [Samba]Winbind and RH7.2 > > > > >> -----Original Message----- >> From: Noel Kelly [mailto:nkelly@tarsus.co.uk] >> Sent: Tuesday, January 29, 2002 3:45 PM >> To: 'Piotr Paszynski' >> Subject: RE: [Samba]Winbind and RH7.2 >> >> >> 'getent passwd' does not work ? can u ping by netbios name ? > > > 'getent passwd' returns only local users > I can ping by netbios name and i see samba share from another > computers. General, samba works, only wbinfo -u and wbinfo -g returns > me: 'error looking up domain users' or 'Error looking up domain > groups'. 'wbinfo -n DarekNT' returns good SID 'wbinfo -n "Domain > Users"' returns correct SID > > log.winbindd after 'wbinfo -u' : > >-- |----------------Registered Linux User #182071-----------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 808 2497 ext 202 Stellenbosch Automotive Engineering http://www.cae.co.za -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Why did you respond to my question with a question? Start a new thread! -----Original Message----- From: Sanjiv Bawa [mailto:sbawa@tabmaster.com] Sent: Wednesday, January 30, 2002 1:59 PM To: samba@lists.samba.org Subject: RE: [Samba] RE: [Samba]Winbind and RH7.2 Has anybody used an IPSec VPN with samba? I hear FreeSwan is good. What Windows clients should I use? Any other tips or tricks? Thanks. -----Original Message----- From: samba-admin@lists.samba.org [mailto:samba-admin@lists.samba.org]On Behalf Of Blanchard, Michael Sent: Wednesday, January 30, 2002 11:50 AM Cc: samba@lists.samba.org Subject: [Samba] RE: [Samba]Winbind and RH7.2 I'm having this same problem. My wbinfo -t says "could not check secret" My DC is in native mode, service pack 2 on the DC Checked the web link provided, It was already set up correctly. -----Original Message----- From: Buchan Milne [mailto:bgmilne@cae.co.za] Sent: Wednesday, January 30, 2002 11:16 AM To: Piotr Paszynski Cc: samba@lists.samba.org Subject: Re: [Samba] RE: [Samba]Winbind and RH7.2 What does "wbinfo -t" say? Is the DC in native mode? Are you running Service packs on the domain controller? Try what's suggested in this mail (especially if wbinfo -t works, but wbinfo -u does not): http://lists.samba.org/pipermail/samba-technical/2001-October/032017.htm l Buchan> Message: 7 > From: "Piotr Paszynski" <Safon@jedynka.com.pl> > To: "Samba List" <samba@lists.samba.org>, > "Noel Kelly" <nkelly@tarsus.co.uk> > Date: Wed, 30 Jan 2002 10:21:20 +0100 > Subject: [Samba] RE: [Samba]Winbind and RH7.2 > > > > >> -----Original Message----- >> From: Noel Kelly [mailto:nkelly@tarsus.co.uk] >> Sent: Tuesday, January 29, 2002 3:45 PM >> To: 'Piotr Paszynski' >> Subject: RE: [Samba]Winbind and RH7.2 >> >> >> 'getent passwd' does not work ? can u ping by netbios name ? > > > 'getent passwd' returns only local users > I can ping by netbios name and i see samba share from another > computers. General, samba works, only wbinfo -u and wbinfo -g returns > me: 'error looking up domain users' or 'Error looking up domain > groups'. 'wbinfo -n DarekNT' returns good SID 'wbinfo -n "Domain > Users"' returns correct SID > > log.winbindd after 'wbinfo -u' : > >-- |----------------Registered Linux User #182071-----------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 808 2497 ext 202 Stellenbosch Automotive Engineering http://www.cae.co.za -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Has anybody used an IPSec VPN with samba? I hear FreeSwan is good. What Windows clients should I use? Any other tips or tricks? Thanks.
Hi, This is'nt problem with samba or redhat. This is problem with DC. DC is windows NT4.0 SP6a, and WARNING: implemented "restrict anonymous access" - describet in MS KBN article "Restricting Information Available to Anonymous Logon Users" (Q143474) http://support.microsoft.com/default.aspx?scid=kb;en-us;Q143474 This registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\RestrictAnonymous must set to 0, and Samba and wbinfo works fine... Thanks All Piotr> -----Original Message----- > From: Noel Kelly [mailto:nkelly@tarsus.co.uk] > Sent: Tuesday, January 29, 2002 3:45 PM > To: 'Piotr Paszynski' > Subject: RE: [Samba]Winbind and RH7.2 > > > 'getent passwd' does not work ? can u ping by netbios name ? > > -----Original Message----- > From: Piotr Paszynski [mailto:Safon@jedynka.com.pl] > Sent: 29 January 2002 14:33 > To: Noel Kelly > Subject: RE: [Samba]Winbind and RH7.2 > > > > > > did you do an 'ldconfig -v | grep winbind' to install the libraries ? > > Yes. And compile, configure direct Youre procedure... > > > then I ran: > > > > smbpasswd -j DWU -r DROMADER -U admin > > password: password > > > > That got accepted into the domain: joined domain DWU > > > > I then started winbindd and checked the output of 'wbinfo -t' > > which ouputed: secret is o.k > > I then ran : > > > > wbinfo -u > > Error looking up domain users > > > > Also if I run wbinfo -m > > It just takes me back to the prompt. > > > > What doing??? > > > > -- > > Piotr Paszy?ski > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba