I joined the domain with the samba server, however all the users map as
nobody. If I change the smb.conf to server it works fine.
OS = Solaris 9
Samba = 2.2.3a
Windows PDC = Active Directory
Windows Clients = 2000
smbstatus -> IPC$ nobody nobody 17575 eli-c3s666jst4k
(40.9.72.141) Mon Mar 3 15:24:50 2003
# Samba config file created using SWAT
# from ELI-5BG52B4HG.d51.lilly.com (40.8.44.189)
# Date: 2002/04/24 12:54:00
# Global parameters
[global]
workgroup = AM
netbios name = SUNTST1
security = DOMAIN
encrypt passwords = Yes
map to guest = Bad User
password server = 40.x.xxx.xx
username map = /usr/local/samba/lib/username.map
lanman auth = Yes
log file = /usr/local/samba/log/samba.%m
max open files = 30000
wins server = 40.xx.xx.x
kernel oplocks = No
remote announce = 40.xx.xx.x 40.xx.xx.xx
oplocks = No
[viewstore]
comment = Clearcase Viewstore
path = /clearcase/viewstore
read only = No
[vobstore]
comment = Clearcase Vobstore
path = /clearcase/vobstore
read only = No
smb.conf (END)
Mathew Spurgeon
Eli Lilly and Company
Software Engineering Support Team
Phone: (317) 276-7436
mspurgeon@lilly.com
Yes this is an interop for ClearCase, however I can not even got to the
ClearCase stuff right now.
The problem is "The way I understand":
Our production server is set to security = SERVER and this works, however
it really. You see if a user logins as MAT "uppercase" and logs out
and
logins as mat "lowercase" the samba connection is still there. To fix
this issue a user must reboot or do an ipconf /release /renew. The same
issue is when clearcase_albd creates the contain space on the server if
this happens after a user checks out a file the user must reboot.
I would like to change the settings to security = DOMAIN, because it
should drop the connection as soon as the operation is complete. Right
now I can not get the smbstatus to report userid when I connect the share.
I get an error Logon failure: unknown user name or bad password.
Thank you for the reply:
Mat
murali@epiphany.com
03/03/2003 03:45 PM
To: SPURGEON_MATHEW_D@LILLY.COM
cc:
Subject: RE: [Samba] security domain/server
Hi,
It looks like you are using samba as a interop for Clearacse?
Looks like your VOB server is on Solaris 9?
I am not clear what your question is?
Can you be more specific?
> -----Original Message-----
> From: SPURGEON_MATHEW_D@LILLY.COM [mailto:SPURGEON_MATHEW_D@LILLY.COM]
> Sent: Monday, March 03, 2003 12:31 PM
> To: samba@lists.samba.org
> Subject: [Samba] security domain/server
>
>
> I joined the domain with the samba server, however all the
> users map as
> nobody. If I change the smb.conf to server it works fine.
>
> OS = Solaris 9
> Samba = 2.2.3a
> Windows PDC = Active Directory
> Windows Clients = 2000
>
>
> smbstatus -> IPC$ nobody nobody 17575
> eli-c3s666jst4k
> (40.9.72.141) Mon Mar 3 15:24:50 2003
>
> # Samba config file created using SWAT
> # from ELI-5BG52B4HG.d51.lilly.com (40.8.44.189)
> # Date: 2002/04/24 12:54:00
>
> # Global parameters
> [global]
> workgroup = AM
> netbios name = SUNTST1
> security = DOMAIN
> encrypt passwords = Yes
> map to guest = Bad User
> password server = 40.x.xxx.xx
> username map = /usr/local/samba/lib/username.map
> lanman auth = Yes
> log file = /usr/local/samba/log/samba.%m
> max open files = 30000
> wins server = 40.xx.xx.x
> kernel oplocks = No
> remote announce = 40.xx.xx.x 40.xx.xx.xx
> oplocks = No
>
> [viewstore]
> comment = Clearcase Viewstore
> path = /clearcase/viewstore
> read only = No
>
> [vobstore]
> comment = Clearcase Vobstore
> path = /clearcase/vobstore
> read only = No
> smb.conf (END)
>
>
> Mathew Spurgeon
> Eli Lilly and Company
> Software Engineering Support Team
> Phone: (317) 276-7436
> mspurgeon@lilly.com
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
Mat,
Even though Rational (Now IBM) says this claims that the samba security domain
should work, We got
the same issue here. So, I changed it to security = server. If you make this
to work with domain, let me know...
thanks,
-Murali
-----Original Message-----
From: SPURGEON_MATHEW_D@LILLY.COM [mailto:SPURGEON_MATHEW_D@LILLY.COM]
Sent: Monday, March 03, 2003 1:02 PM
To: murali@epiphany.com
Cc: samba@lists.samba.org
Subject: RE: [Samba] security domain/server
Yes this is an interop for ClearCase, however I can not even got to the
ClearCase stuff right now.
The problem is "The way I understand":
Our production server is set to security = SERVER and this works, however it
really. You see if a user logins as MAT "uppercase" and logs out and
logins
as mat "lowercase" the samba connection is still there. To fix this
issue a
user must reboot or do an ipconf /release /renew. The same issue is when
clearcase_albd creates the contain space on the server if this happens after
a user checks out a file the user must reboot.
I would like to change the settings to security = DOMAIN, because it should
drop the connection as soon as the operation is complete. Right now I can
not get the smbstatus to report userid when I connect the share. I get an
error Logon failure: unknown user name or bad password.
Thank you for the reply:
Mat
murali@epiphany.com
03/03/2003 03:45 PM
To: SPURGEON_MATHEW_D@LILLY.COM
cc:
Subject: RE: [Samba] security domain/server
Hi,
It looks like you are using samba as a interop for Clearacse?
Looks like your VOB server is on Solaris 9?
I am not clear what your question is?
Can you be more specific?
> -----Original Message-----
> From: SPURGEON_MATHEW_D@LILLY.COM [mailto:SPURGEON_MATHEW_D@LILLY.COM]
> Sent: Monday, March 03, 2003 12:31 PM
> To: samba@lists.samba.org
> Subject: [Samba] security domain/server
>
>
> I joined the domain with the samba server, however all the
> users map as
> nobody. If I change the smb.conf to server it works fine.
>
> OS = Solaris 9
> Samba = 2.2.3a
> Windows PDC = Active Directory
> Windows Clients = 2000
>
>
> smbstatus -> IPC$ nobody nobody 17575
> eli-c3s666jst4k
> (40.9.72.141) Mon Mar 3 15:24:50 2003
>
> # Samba config file created using SWAT
> # from ELI-5BG52B4HG.d51.lilly.com (40.8.44.189)
> # Date: 2002/04/24 12:54:00
>
> # Global parameters
> [global]
> workgroup = AM
> netbios name = SUNTST1
> security = DOMAIN
> encrypt passwords = Yes
> map to guest = Bad User
> password server = 40.x.xxx.xx
> username map = /usr/local/samba/lib/username.map
> lanman auth = Yes
> log file = /usr/local/samba/log/samba.%m
> max open files = 30000
> wins server = 40.xx.xx.x
> kernel oplocks = No
> remote announce = 40.xx.xx.x 40.xx.xx.xx
> oplocks = No
>
> [viewstore]
> comment = Clearcase Viewstore
> path = /clearcase/viewstore
> read only = No
>
> [vobstore]
> comment = Clearcase Vobstore
> path = /clearcase/vobstore
> read only = No
> smb.conf (END)
>
>
> Mathew Spurgeon
> Eli Lilly and Company
> Software Engineering Support Team
> Phone: (317) 276-7436
> mspurgeon@lilly.com
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
On Tue, 2003-03-04 at 08:07, murali@epiphany.com wrote:> Mat, > > Even though Rational (Now IBM) says this claims that the samba security > domain should work, We got > the same issue here. So, I changed it to security = server. If you make this > to work with domain, let me know...As far as the clients are concerned, there is no difference between security=server and security=domain. So check the simple stuff - use smbclient for testing and ensure you have actually joined the domain correctly. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20030304/514db264/attachment.bin