Hi Robert and List,
As you told me I upgrated to Samba 2.2.5 because I'm doing the test with a
machine which has RedHat 8.0 and this RedHat version comes with it....
Anyway.....
So I made the procedure step by step but I haven't found how to make my
Windows 2000 users (PDC) can access the Linux shared folder and this is
what I've done:
My smb.conf looks like this:
[global]
workgroup = MCSE
server string = Samba Server Laboratorio CUS
netbios name = redhatcus
log file = /var/log/samba/%m.log
max log size = 0
security = domain
password server = win2k1
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
[Test]
comment = Shared Folder
path = /Test
writable = yes
printable = no
-----------------------------------
After this I added the linux machine with its netbios name (redhatcus) in
the Windows 2000 machine (PDC) then I returned to Linux and I ran this
command:
smbpasswd -r MCSE -j win2k1
It joined without any problem and I executed this command with different
users (users registered in the PDC):
[root@redhatcus /]# smbclient -L redhatcus -U administrator
added interface ip=9.177.4.156 bcast=9.255.255.255 nmask=255.0.0.0
Password:
Domain=[MCSE] OS=[Unix] Server=[Samba 2.2.5]
Sharename Type Comment
--------- ---- -------
Test Disk Shared Folder
IPC$ IPC IPC Service (Samba Server Laboratorio CUS)
ADMIN$ Disk IPC Service (Samba Server Laboratorio CUS)
Server Comment
--------- -------
REDHATCUS Samba Server Laboratorio CUS
Workgroup Master
--------- -------
MCSE REDHATCUS
[root@redhatcus /]#
But when I try to access the Test folder from Windows 2000 (PDC) using the
Windows users it fails... it says incorrect password or unknown username.
It makes me think that it's not an upgrade problem and it's a
configuration
problem instead but I'm not quite sure about this so I wrote this 'cause
you are the experts on samba and I really need your help......
Did I miss something in the smb.conf file?
Do I have to do something else with my smbpasswd file or my smbusers file?
or maybe my passwd command or my smbadduser command?
The matter of all this is that I wouldn't like to have to create each one
of the Windows users in the Linux machine... it wouldn't be reasonable...
So I'll be here waiting for your help :-)
Thanks in advance
Leonardo
Leonard,
Did you go though the PDF document that John sent you the link to a couple
days ago?
http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.pdf
I finally worked through getting this setup on my NT4.0 domain and have it
working great. There are a couple things that will very from the
documentation in the PDF. If you have a test environment, i can wall you
through the procedures that i used to set it up.
-----Original Message-----
From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net]
Sent: Tuesday, April 29, 2003 4:11 PM
To: samba@lists.samba.org; radkins@impelind.com
Subject: [Samba] Samba - User Authentication
Hi Robert and List,
As you told me I upgrated to Samba 2.2.5 because I'm doing the test with a
machine which has RedHat 8.0 and this RedHat version comes with it....
Anyway.....
So I made the procedure step by step but I haven't found how to make my
Windows 2000 users (PDC) can access the Linux shared folder and this is
what I've done:
My smb.conf looks like this:
[global]
workgroup = MCSE
server string = Samba Server Laboratorio CUS
netbios name = redhatcus
log file = /var/log/samba/%m.log
max log size = 0
security = domain
password server = win2k1
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
[Test]
comment = Shared Folder
path = /Test
writable = yes
printable = no
-----------------------------------
After this I added the linux machine with its netbios name (redhatcus) in
the Windows 2000 machine (PDC) then I returned to Linux and I ran this
command:
smbpasswd -r MCSE -j win2k1
It joined without any problem and I executed this command with different
users (users registered in the PDC):
[root@redhatcus /]# smbclient -L redhatcus -U administrator
added interface ip=9.177.4.156 bcast=9.255.255.255 nmask=255.0.0.0
Password:
Domain=[MCSE] OS=[Unix] Server=[Samba 2.2.5]
Sharename Type Comment
--------- ---- -------
Test Disk Shared Folder
IPC$ IPC IPC Service (Samba Server Laboratorio CUS)
ADMIN$ Disk IPC Service (Samba Server Laboratorio CUS)
Server Comment
--------- -------
REDHATCUS Samba Server Laboratorio CUS
Workgroup Master
--------- -------
MCSE REDHATCUS
[root@redhatcus /]#
But when I try to access the Test folder from Windows 2000 (PDC) using the
Windows users it fails... it says incorrect password or unknown username.
It makes me think that it's not an upgrade problem and it's a
configuration
problem instead but I'm not quite sure about this so I wrote this 'cause
you are the experts on samba and I really need your help......
Did I miss something in the smb.conf file?
Do I have to do something else with my smbpasswd file or my smbusers file?
or maybe my passwd command or my smbadduser command?
The matter of all this is that I wouldn't like to have to create each one
of the Windows users in the Linux machine... it wouldn't be reasonable...
So I'll be here waiting for your help :-)
Thanks in advance
Leonardo
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Hi Clint,
Yes I did. I went throught that manual but without any success. If you
might tell me what you did to figure this problem out I will appriciate it.
In fact what I am doing is not a test enviroment because if it were I won't
be so worry about it.
Thanks Once Again
Leonardo
----------- Mensaje Original --------------
De: Board, Clint [cboard@ufsonline.com]
Para: leonardorleon@cantv.net [leonardorleon@cantv.net],
samba@lists.samba.org [samba@lists.samba.org], radkins@impelind.com
[radkins@impelind.com]
Cc:
Asunto: RE: [Samba] Samba - User Authentication
Fecha: 29/04/2003 17:17:03
Mensaje:
Leonard,
Did you go though the PDF document that John sent you the link to a couple
days ago?
http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.pdf
I finally worked through getting this setup on my NT4.0 domain and have it
working great. There are a couple things that will very from the
documentation in the PDF. If you have a test environment, i can wall you
through the procedures that i used to set it up.
-----Original Message-----
From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net]
Sent: Tuesday, April 29, 2003 4:11 PM
To: samba@lists.samba.org; radkins@impelind.com
Subject: [Samba] Samba - User Authentication
Hi Robert and List,
As you told me I upgrated to Samba 2.2.5 because I'm doing the test with a
machine which has RedHat 8.0 and this RedHat version comes with it....
Anyway.....
So I made the procedure step by step but I haven't found how to make my
Windows 2000 users (PDC) can access the Linux shared folder and this is
what I've done:
My smb.conf looks like this:
[global]
workgroup = MCSE
server string = Samba Server Laboratorio CUS
netbios name = redhatcus
log file = /var/log/samba/%m.log
max log size = 0
security = domain
password server = win2k1
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
[Test]
comment = Shared Folder
path = /Test
writable = yes
printable = no
-----------------------------------
After this I added the linux machine with its netbios name (redhatcus) in
the Windows 2000 machine (PDC) then I returned to Linux and I ran this
command:
smbpasswd -r MCSE -j win2k1
It joined without any problem and I executed this command with different
users (users registered in the PDC):
[root@redhatcus /]# smbclient -L redhatcus -U administrator
added interface ip=9.177.4.156 bcast=9.255.255.255 nmask=255.0.0.0
Password:
Domain=[MCSE] OS=[Unix] Server=[Samba 2.2.5]
Sharename Type Comment
--------- ---- -------
Test Disk Shared Folder
IPC$ IPC IPC Service (Samba Server Laboratorio CUS)
ADMIN$ Disk IPC Service (Samba Server Laboratorio CUS)
Server Comment
--------- -------
REDHATCUS Samba Server Laboratorio CUS
Workgroup Master
--------- -------
MCSE REDHATCUS
[root@redhatcus /]#
But when I try to access the Test folder from Windows 2000 (PDC) using the
Windows users it fails... it says incorrect password or unknown username.
It makes me think that it's not an upgrade problem and it's a
configuration
problem instead but I'm not quite sure about this so I wrote this 'cause
you are the experts on samba and I really need your help......
Did I miss something in the smb.conf file?
Do I have to do something else with my smbpasswd file or my smbusers file?
or maybe my passwd command or my smbadduser command?
The matter of all this is that I wouldn't like to have to create each one
of the Windows users in the Linux machine... it wouldn't be reasonable...
So I'll be here waiting for your help :-)
Thanks in advance
Leonardo
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Leonard,
Here are the preliminary steps i went through to setup RedHat9, running
Samba 3.0 23alpha-1 as a domain member:
Downloaded the Samba SRPM and did a build
installed my new build
smb.conf changes:
security = DOMAIN
workgroup = DOM
password server = *
wins server = xxx.xxx.xxx.xxx
hosts allow = xxx.xxx.xxx. 127.
I would run testparm just to make sure my smb.conf is not broken.
Created computer account on the domain through server manager
Join the domain
root#net join -S DOMPDC -U 'DOM\Administrator%password'
As long as this returns "Joined domain DOM" or some other success
message
you are good to go.
At this point your samba server is setup as a domain member, if you are not
concerned about using domain level users and groups for permissions you
don't need to go any further.
Next i added the winbind configuration to the smb.conf
winbind uid = 10000-20000
winbind gid = 10000-20000
template homedir = /home/winnt/%D/%U
template shell = /bin/bash
I would run testparm just to make sure my smb.conf is not broken again.
Start samba and winbind and make sure they are both running.
Test to see if the machine account on the domain is valid.
root#wbinfo -t
Test to see if you can authenticate on the domain from winbind.
root#wbinfo -a 'DOM\user%password'
Set the account that winbind will use to retrieve user and group
information. This needs to be the domain administrator account or an account
with domain admin rights.
root#wbinfo -A 'DOM\user%password'
Test to see if it is working.
root#wbinfo -u
You should see a list of users from the domain :)
Let me know if you have questions or if you get to a point of failure. I
definatly want to know the outcome if it is successful.
-----Original Message-----
From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net]
Sent: Tuesday, April 29, 2003 5:16 PM
To: cboard@ufsonline.com
Cc: samba@lists.samba.org; radkins@impelind.com
Subject: RE: [Samba] Samba - User Authentication
Hi Clint,
Yes I did. I went throught that manual but without any success. If you
might tell me what you did to figure this problem out I will appriciate it.
In fact what I am doing is not a test enviroment because if it were I won't
be so worry about it.
Thanks Once Again
Leonardo
----------- Mensaje Original --------------
De: Board, Clint [cboard@ufsonline.com]
Para: leonardorleon@cantv.net [leonardorleon@cantv.net],
samba@lists.samba.org [samba@lists.samba.org], radkins@impelind.com
[radkins@impelind.com]
Cc:
Asunto: RE: [Samba] Samba - User Authentication
Fecha: 29/04/2003 17:17:03
Mensaje:
Leonard,
Did you go though the PDF document that John sent you the link to a couple
days ago?
http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.pdf
I finally worked through getting this setup on my NT4.0 domain and have it
working great. There are a couple things that will very from the
documentation in the PDF. If you have a test environment, i can wall you
through the procedures that i used to set it up.
-----Original Message-----
From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net]
Sent: Tuesday, April 29, 2003 4:11 PM
To: samba@lists.samba.org; radkins@impelind.com
Subject: [Samba] Samba - User Authentication
Hi Robert and List,
As you told me I upgrated to Samba 2.2.5 because I'm doing the test with a
machine which has RedHat 8.0 and this RedHat version comes with it....
Anyway.....
So I made the procedure step by step but I haven't found how to make my
Windows 2000 users (PDC) can access the Linux shared folder and this is
what I've done:
My smb.conf looks like this:
[global]
workgroup = MCSE
server string = Samba Server Laboratorio CUS
netbios name = redhatcus
log file = /var/log/samba/%m.log
max log size = 0
security = domain
password server = win2k1
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
[Test]
comment = Shared Folder
path = /Test
writable = yes
printable = no
-----------------------------------
After this I added the linux machine with its netbios name (redhatcus) in
the Windows 2000 machine (PDC) then I returned to Linux and I ran this
command:
smbpasswd -r MCSE -j win2k1
It joined without any problem and I executed this command with different
users (users registered in the PDC):
[root@redhatcus /]# smbclient -L redhatcus -U administrator
added interface ip=9.177.4.156 bcast=9.255.255.255 nmask=255.0.0.0
Password:
Domain=[MCSE] OS=[Unix] Server=[Samba 2.2.5]
Sharename Type Comment
--------- ---- -------
Test Disk Shared Folder
IPC$ IPC IPC Service (Samba Server Laboratorio CUS)
ADMIN$ Disk IPC Service (Samba Server Laboratorio CUS)
Server Comment
--------- -------
REDHATCUS Samba Server Laboratorio CUS
Workgroup Master
--------- -------
MCSE REDHATCUS
[root@redhatcus /]#
But when I try to access the Test folder from Windows 2000 (PDC) using the
Windows users it fails... it says incorrect password or unknown username.
It makes me think that it's not an upgrade problem and it's a
configuration
problem instead but I'm not quite sure about this so I wrote this 'cause
you are the experts on samba and I really need your help......
Did I miss something in the smb.conf file?
Do I have to do something else with my smbpasswd file or my smbusers file?
or maybe my passwd command or my smbadduser command?
The matter of all this is that I wouldn't like to have to create each one
of the Windows users in the Linux machine... it wouldn't be reasonable...
So I'll be here waiting for your help :-)
Thanks in advance
Leonardo
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Clint, I was fighting with samba the day before and I finally found to do something new (something good)... as you did it I had to use winbind with samba too and I could do this: [root@redhatcus etc]# wbinfo -u Administrator db2admin Guest guigonza IUSR_HAL IWAM_HAL krbtgt leosamba lrodrigu NetShowServices pruebasamba samba smbusr sysadm TsInternetUser usrsamba [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -g Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Cert Publishers Schema Admins Enterprise Admins Group Policy Creator Owners [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -t Secret is good [root@redhatcus etc]# Now I can do a telnet connection using the Windows users and everything's ok But I still can't authenticate the Windows users in order to they can access the Linux folder, take at look at the folder configuration in my smb.conf file: [Samba] comment = Shared Folder path = /Samba valid users = administrator lrodrigu public = no writable = yes printable = no create mask = 0775 If I delete the valid users, public, create mask lines then I can access it without using any username and password but I don't want do it that way, I'd like to only some users could have access... Do you know something about that? What do I have to do to figure this out? Thanks Leonardo ----------- Mensaje Original -------------- Leonard, Here are the preliminary steps i went through to setup RedHat9, running Samba 3.0 23alpha-1 as a domain member: Downloaded the Samba SRPM and did a build installed my new build smb.conf changes: security = DOMAIN workgroup = DOM password server = * wins server = xxx.xxx.xxx.xxx hosts allow = xxx.xxx.xxx. 127. I would run testparm just to make sure my smb.conf is not broken. Created computer account on the domain through server manager Join the domain root#net join -S DOMPDC -U 'DOM\Administrator%password' As long as this returns "Joined domain DOM" or some other success message you are good to go. At this point your samba server is setup as a domain member, if you are not concerned about using domain level users and groups for permissions you don't need to go any further. Next i added the winbind configuration to the smb.conf winbind uid = 10000-20000 winbind gid = 10000-20000 template homedir = /home/winnt/%D/%U template shell = /bin/bash I would run testparm just to make sure my smb.conf is not broken again. Start samba and winbind and make sure they are both running. Test to see if the machine account on the domain is valid. root#wbinfo -t Test to see if you can authenticate on the domain from winbind. root#wbinfo -a 'DOM\user%password' Set the account that winbind will use to retrieve user and group information. This needs to be the domain administrator account or an account with domain admin rights. root#wbinfo -A 'DOM\user%password' Test to see if it is working. root#wbinfo -u You should see a list of users from the domain :) Let me know if you have questions or if you get to a point of failure. I definatly want to know the outcome if it is successful.
I just tested this out, here is what i did and worked fine: smb.conf (share definition): [test] comment = Shared Folder path = /home/test valid users = DOM\Administrator DOM\user public = no writable = yes printable = no create mask = 0775 i ran testparm to make sure everything was cool. i created the directory as root, which set the owner:group to root, so: chown 'DOM\Administrator:DOM\Domain Admins' test I stopped winbind I restarted smb I started winbind Let me know if this works for you, i think you problem is in your permissions. -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 12:47 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Clint, I was fighting with samba the day before and I finally found to do something new (something good)... as you did it I had to use winbind with samba too and I could do this: [root@redhatcus etc]# wbinfo -u Administrator db2admin Guest guigonza IUSR_HAL IWAM_HAL krbtgt leosamba lrodrigu NetShowServices pruebasamba samba smbusr sysadm TsInternetUser usrsamba [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -g Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Cert Publishers Schema Admins Enterprise Admins Group Policy Creator Owners [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -t Secret is good [root@redhatcus etc]# Now I can do a telnet connection using the Windows users and everything's ok But I still can't authenticate the Windows users in order to they can access the Linux folder, take at look at the folder configuration in my smb.conf file: [Samba] comment = Shared Folder path = /Samba valid users = administrator lrodrigu public = no writable = yes printable = no create mask = 0775 If I delete the valid users, public, create mask lines then I can access it without using any username and password but I don't want do it that way, I'd like to only some users could have access... Do you know something about that? What do I have to do to figure this out? Thanks Leonardo ----------- Mensaje Original -------------- Leonard, Here are the preliminary steps i went through to setup RedHat9, running Samba 3.0 23alpha-1 as a domain member: Downloaded the Samba SRPM and did a build installed my new build smb.conf changes: security = DOMAIN workgroup = DOM password server = * wins server = xxx.xxx.xxx.xxx hosts allow = xxx.xxx.xxx. 127. I would run testparm just to make sure my smb.conf is not broken. Created computer account on the domain through server manager Join the domain root#net join -S DOMPDC -U 'DOM\Administrator%password' As long as this returns "Joined domain DOM" or some other success message you are good to go. At this point your samba server is setup as a domain member, if you are not concerned about using domain level users and groups for permissions you don't need to go any further. Next i added the winbind configuration to the smb.conf winbind uid = 10000-20000 winbind gid = 10000-20000 template homedir = /home/winnt/%D/%U template shell = /bin/bash I would run testparm just to make sure my smb.conf is not broken again. Start samba and winbind and make sure they are both running. Test to see if the machine account on the domain is valid. root#wbinfo -t Test to see if you can authenticate on the domain from winbind. root#wbinfo -a 'DOM\user%password' Set the account that winbind will use to retrieve user and group information. This needs to be the domain administrator account or an account with domain admin rights. root#wbinfo -A 'DOM\user%password' Test to see if it is working. root#wbinfo -u You should see a list of users from the domain :) Let me know if you have questions or if you get to a point of failure. I definatly want to know the outcome if it is successful.
Hi Clint, There's something I don't understand.... why when I do 'wbinfo -u' the users doesn't appear with their domain for example MCSE\administrator? I just get it like this: administrator..... as you can see down in the list...... So I had to made this: chown 'administrator:Domain Users' /Samba/ and I had to add it just like 'administrator' without the domain..... as you could see I still haven't had any success. Any clue about it? Thanks ----------- Mensaje Original -------------- De: Board, Clint [cboard@ufsonline.com] Para: leonardorleon@cantv.net [leonardorleon@cantv.net], Board, Clint [cboard@ufsonline.com] Cc: samba@lists.samba.org [samba@lists.samba.org] Asunto: RE: [Samba] Samba - User Authentication Fecha: 30/04/2003 14:41:27 Mensaje: I just tested this out, here is what i did and worked fine: smb.conf (share definition): [test] comment = Shared Folder path = /home/test valid users = DOM\Administrator DOM\user public = no writable = yes printable = no create mask = 0775 i ran testparm to make sure everything was cool. i created the directory as root, which set the owner:group to root, so: chown 'DOM\Administrator:DOM\Domain Admins' test I stopped winbind I restarted smb I started winbind Let me know if this works for you, i think you problem is in your permissions. -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 12:47 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Clint, I was fighting with samba the day before and I finally found to do something new (something good)... as you did it I had to use winbind with samba too and I could do this: [root@redhatcus etc]# wbinfo -u Administrator db2admin Guest guigonza IUSR_HAL IWAM_HAL krbtgt leosamba lrodrigu NetShowServices pruebasamba samba smbusr sysadm TsInternetUser usrsamba [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -g Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Cert Publishers Schema Admins Enterprise Admins Group Policy Creator Owners [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -t Secret is good [root@redhatcus etc]# Now I can do a telnet connection using the Windows users and everything's ok But I still can't authenticate the Windows users in order to they can access the Linux folder, take at look at the folder configuration in my smb.conf file: [Samba] comment = Shared Folder path = /Samba valid users = administrator lrodrigu public = no writable = yes printable = no create mask = 0775 If I delete the valid users, public, create mask lines then I can access it without using any username and password but I don't want do it that way, I'd like to only some users could have access... Do you know something about that? What do I have to do to figure this out? Thanks Leonardo ----------- Mensaje Original -------------- Leonard, Here are the preliminary steps i went through to setup RedHat9, running Samba 3.0 23alpha-1 as a domain member: Downloaded the Samba SRPM and did a build installed my new build smb.conf changes: security = DOMAIN workgroup = DOM password server = * wins server = xxx.xxx.xxx.xxx hosts allow = xxx.xxx.xxx. 127. I would run testparm just to make sure my smb.conf is not broken. Created computer account on the domain through server manager Join the domain root#net join -S DOMPDC -U 'DOM\Administrator%password' As long as this returns "Joined domain DOM" or some other success message you are good to go. At this point your samba server is setup as a domain member, if you are not concerned about using domain level users and groups for permissions you don't need to go any further. Next i added the winbind configuration to the smb.conf winbind uid = 10000-20000 winbind gid = 10000-20000 template homedir = /home/winnt/%D/%U template shell = /bin/bash I would run testparm just to make sure my smb.conf is not broken again. Start samba and winbind and make sure they are both running. Test to see if the machine account on the domain is valid. root#wbinfo -t Test to see if you can authenticate on the domain from winbind. root#wbinfo -a 'DOM\user%password' Set the account that winbind will use to retrieve user and group information. This needs to be the domain administrator account or an account with domain admin rights. root#wbinfo -A 'DOM\user%password' Test to see if it is working. root#wbinfo -u You should see a list of users from the domain :) Let me know if you have questions or if you get to a point of failure. I definatly want to know the outcome if it is successful.
lets get a look at your smb.conf again :) -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 2:58 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Hi Clint, There's something I don't understand.... why when I do 'wbinfo -u' the users doesn't appear with their domain for example MCSE\administrator? I just get it like this: administrator..... as you can see down in the list...... So I had to made this: chown 'administrator:Domain Users' /Samba/ and I had to add it just like 'administrator' without the domain..... as you could see I still haven't had any success. Any clue about it? Thanks ----------- Mensaje Original -------------- De: Board, Clint [cboard@ufsonline.com] Para: leonardorleon@cantv.net [leonardorleon@cantv.net], Board, Clint [cboard@ufsonline.com] Cc: samba@lists.samba.org [samba@lists.samba.org] Asunto: RE: [Samba] Samba - User Authentication Fecha: 30/04/2003 14:41:27 Mensaje: I just tested this out, here is what i did and worked fine: smb.conf (share definition): [test] comment = Shared Folder path = /home/test valid users = DOM\Administrator DOM\user public = no writable = yes printable = no create mask = 0775 i ran testparm to make sure everything was cool. i created the directory as root, which set the owner:group to root, so: chown 'DOM\Administrator:DOM\Domain Admins' test I stopped winbind I restarted smb I started winbind Let me know if this works for you, i think you problem is in your permissions. -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 12:47 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Clint, I was fighting with samba the day before and I finally found to do something new (something good)... as you did it I had to use winbind with samba too and I could do this: [root@redhatcus etc]# wbinfo -u Administrator db2admin Guest guigonza IUSR_HAL IWAM_HAL krbtgt leosamba lrodrigu NetShowServices pruebasamba samba smbusr sysadm TsInternetUser usrsamba [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -g Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Cert Publishers Schema Admins Enterprise Admins Group Policy Creator Owners [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -t Secret is good [root@redhatcus etc]# Now I can do a telnet connection using the Windows users and everything's ok But I still can't authenticate the Windows users in order to they can access the Linux folder, take at look at the folder configuration in my smb.conf file: [Samba] comment = Shared Folder path = /Samba valid users = administrator lrodrigu public = no writable = yes printable = no create mask = 0775 If I delete the valid users, public, create mask lines then I can access it without using any username and password but I don't want do it that way, I'd like to only some users could have access... Do you know something about that? What do I have to do to figure this out? Thanks Leonardo ----------- Mensaje Original -------------- Leonard, Here are the preliminary steps i went through to setup RedHat9, running Samba 3.0 23alpha-1 as a domain member: Downloaded the Samba SRPM and did a build installed my new build smb.conf changes: security = DOMAIN workgroup = DOM password server = * wins server = xxx.xxx.xxx.xxx hosts allow = xxx.xxx.xxx. 127. I would run testparm just to make sure my smb.conf is not broken. Created computer account on the domain through server manager Join the domain root#net join -S DOMPDC -U 'DOM\Administrator%password' As long as this returns "Joined domain DOM" or some other success message you are good to go. At this point your samba server is setup as a domain member, if you are not concerned about using domain level users and groups for permissions you don't need to go any further. Next i added the winbind configuration to the smb.conf winbind uid = 10000-20000 winbind gid = 10000-20000 template homedir = /home/winnt/%D/%U template shell = /bin/bash I would run testparm just to make sure my smb.conf is not broken again. Start samba and winbind and make sure they are both running. Test to see if the machine account on the domain is valid. root#wbinfo -t Test to see if you can authenticate on the domain from winbind. root#wbinfo -a 'DOM\user%password' Set the account that winbind will use to retrieve user and group information. This needs to be the domain administrator account or an account with domain admin rights. root#wbinfo -A 'DOM\user%password' Test to see if it is working. root#wbinfo -u You should see a list of users from the domain :) Let me know if you have questions or if you get to a point of failure. I definatly want to know the outcome if it is successful.
Sounds like a winbind use default domain = yes thing to me. ~ Daniel On Wednesday, April 30, 2003 3:58 PM Leonardo Rodr?guez wrote:> > Hi Clint, > > There's something I don't understand.... why when I do > 'wbinfo -u' the > users doesn't appear with their domain for example > MCSE\administrator? I > just get it like this: administrator..... as you can see down in the > list...... > > So I had to made this: chown 'administrator:Domain Users' > /Samba/ and I had > to add it just like 'administrator' without the domain..... > as you could > see I still haven't had any success. > > Any clue about it? > > Thanks > > ----------- Mensaje Original -------------- > > De: Board, Clint [cboard@ufsonline.com] > Para: leonardorleon@cantv.net [leonardorleon@cantv.net], Board, Clint > [cboard@ufsonline.com] > Cc: samba@lists.samba.org [samba@lists.samba.org] > Asunto: RE: [Samba] Samba - User Authentication > Fecha: 30/04/2003 14:41:27 > Mensaje: > > > I just tested this out, here is > what i did and worked fine: > > smb.conf (share definition): > [test] > comment = Shared Folder > path = /home/test > valid users = DOM\Administrator DOM\user > public = no > writable = yes > printable = no > create mask = 0775 > > i ran testparm to make sure everything was cool. > > i created the directory as root, which set the owner:group to > root, so: > > chown 'DOM\Administrator:DOM\Domain Admins' test > > I stopped winbind > > I restarted smb > > I started winbind > > Let me know if this works for you, i think you problem is in your > permissions. > > -----Original Message----- > From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] > Sent: Wednesday, April 30, 2003 12:47 PM > To: cboard@ufsonline.com > Cc: samba@lists.samba.org > Subject: RE: [Samba] Samba - User Authentication > > > Clint, > > I was fighting with samba the day before and I finally found to do > something new (something good)... as you did it I had to use > winbind with > samba too and I could do this: > > [root@redhatcus etc]# wbinfo -u > Administrator > db2admin > Guest > guigonza > IUSR_HAL > IWAM_HAL > krbtgt > leosamba > lrodrigu > NetShowServices > pruebasamba > samba > smbusr > sysadm > TsInternetUser > usrsamba > [root@redhatcus etc]# > > [root@redhatcus etc]# wbinfo -g > Domain Admins > Domain Users > Domain Guests > Domain Computers > Domain Controllers > Cert Publishers > Schema Admins > Enterprise Admins > Group Policy Creator Owners > [root@redhatcus etc]# > > [root@redhatcus etc]# wbinfo -t > Secret is good > [root@redhatcus etc]# > > Now I can do a telnet connection using the Windows users and > everything's ok > > But I still can't authenticate the Windows users in order to they can > access the Linux folder, take at look at the folder > configuration in my > smb.conf file: > > [Samba] > comment = Shared Folder > path = /Samba > valid users = administrator lrodrigu > public = no > writable = yes > printable = no > create mask = 0775 > > If I delete the valid users, public, create mask lines then I > can access it > without using any username and password but I don't want do > it that way, > I'd like to only some users could have access... > > Do you know something about that? What do I have to do to > figure this out? > > Thanks > > Leonardo > > ----------- Mensaje Original -------------- > > Leonard, > Here are the preliminary steps i went through to setup > RedHat9, running > Samba 3.0 23alpha-1 as a domain member: > > Downloaded the Samba SRPM and did a build > installed my new build > > smb.conf changes: > security = DOMAIN > workgroup = DOM > password server = * > wins server = xxx.xxx.xxx.xxx > hosts allow = xxx.xxx.xxx. 127. > > I would run testparm just to make sure my smb.conf is not broken. > > Created computer account on the domain through server manager > Join the domain > > root#net join -S DOMPDC -U 'DOM\Administrator%password' > > As long as this returns "Joined domain DOM" or some other > success message > you are good to go. > > At this point your samba server is setup as a domain member, > if you are not > concerned about using domain level users and groups for > permissions you > don't need to go any further. > > Next i added the winbind configuration to the smb.conf > winbind uid = 10000-20000 > winbind gid = 10000-20000 > template homedir = /home/winnt/%D/%U > template shell = /bin/bash > > I would run testparm just to make sure my smb.conf is not > broken again. > > Start samba and winbind and make sure they are both running. > > Test to see if the machine account on the domain is valid. > > root#wbinfo -t > > Test to see if you can authenticate on the domain from winbind. > > root#wbinfo -a 'DOM\user%password' > > Set the account that winbind will use to retrieve user and group > information. This needs to be the domain administrator > account or an account > with domain admin rights. > > root#wbinfo -A 'DOM\user%password' > > Test to see if it is working. > > root#wbinfo -u > > You should see a list of users from the domain :) > > Let me know if you have questions or if you get to a point of > failure. I > definatly want to know the outcome if it is successful. > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > >----------------------------------------------------------------------- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you.
Hi Clint, I'm back again, as I told you here you are my smb.conf [global] workgroup = MCSE server string = Samba Server netbios name = redhatcus printcap name = /etc/printcap load printers = yes printing = lprng log file = /var/log/samba/%m.log max log size = 10 log level = 1 security = domain password server = win2k1 winbind separator = + winbind uid = 10000-20000 winbind gid = 10000-20000 winbind cache time = 15 winbind enum users = yes winbind enum groups = yes template homedir = /home/%U template shell = /bin/bash winbind use default domain = yes encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote browse sync = 192.168.58.255 9.177.255.255 remote announce = 192.168.58.255 9.177.255.255 local master = no wins server = 192.168.58.103 name resolve order = wins lmhosts host bcast dns proxy = no preserve case = no short preserve case = no default case = lower case sensitive = no [homes] comment = Home Directories browseable = no writable = yes valid users = %D+%S create mode = 0664 directory mode = 0775 [Test] comment = Shared Folder path = /Test valid users = Administrator lrodrigu public = no writable = yes printable = no create mask = 0775 --------end of file----------------- When I run testparm I get a message related with the winbind separator like this: [root@redhatcus samba]# testparm Load smb config files from /etc/samba/smb.conf Processing section "[homes]" Processing section "[Test]" Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Press enter to see a dump of your service definitions Is there something wrong with that? Could it cause some problem? I hope this can help you to figure this out..... Thanks... ----------- Mensaje Original -------------- Lets get a look at your smb.conf again :) -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 2:58 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Hi Clint, There's something I don't understand.... why when I do 'wbinfo -u' the users doesn't appear with their domain for example MCSE\administrator? I just get it like this: administrator..... as you can see down in the list...... So I had to made this: chown 'administrator:Domain Users' /Samba/ and I had to add it just like 'administrator' without the domain..... as you could see I still haven't had any success. Any clue about it? Thanks ----------- Mensaje Original -------------- De: Board, Clint [cboard@ufsonline.com] Para: leonardorleon@cantv.net [leonardorleon@cantv.net], Board, Clint [cboard@ufsonline.com] Cc: samba@lists.samba.org [samba@lists.samba.org] Asunto: RE: [Samba] Samba - User Authentication Fecha: 30/04/2003 14:41:27 Mensaje: I just tested this out, here is what i did and worked fine: smb.conf (share definition): [test] comment = Shared Folder path = /home/test valid users = DOM\Administrator DOM\user public = no writable = yes printable = no create mask = 0775 i ran testparm to make sure everything was cool. i created the directory as root, which set the owner:group to root, so: chown 'DOM\Administrator:DOM\Domain Admins' test I stopped winbind I restarted smb I started winbind Let me know if this works for you, i think you problem is in your permissions. -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 12:47 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Clint, I was fighting with samba the day before and I finally found to do something new (something good)... as you did it I had to use winbind with samba too and I could do this: [root@redhatcus etc]# wbinfo -u Administrator db2admin Guest guigonza IUSR_HAL IWAM_HAL krbtgt leosamba lrodrigu NetShowServices pruebasamba samba smbusr sysadm TsInternetUser usrsamba [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -g Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Cert Publishers Schema Admins Enterprise Admins Group Policy Creator Owners [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -t Secret is good [root@redhatcus etc]# Now I can do a telnet connection using the Windows users and everything's ok But I still can't authenticate the Windows users in order to they can access the Linux folder, take at look at the folder configuration in my smb.conf file: [Samba] comment = Shared Folder path = /Samba valid users = administrator lrodrigu public = no writable = yes printable = no create mask = 0775 If I delete the valid users, public, create mask lines then I can access it without using any username and password but I don't want do it that way, I'd like to only some users could have access... Do you know something about that? What do I have to do to figure this out? Thanks Leonardo ----------- Mensaje Original -------------- Leonard, Here are the preliminary steps i went through to setup RedHat9, running Samba 3.0 23alpha-1 as a domain member: Downloaded the Samba SRPM and did a build installed my new build smb.conf changes: security = DOMAIN workgroup = DOM password server = * wins server = xxx.xxx.xxx.xxx hosts allow = xxx.xxx.xxx. 127. I would run testparm just to make sure my smb.conf is not broken. Created computer account on the domain through server manager Join the domain root#net join -S DOMPDC -U 'DOM\Administrator%password' As long as this returns "Joined domain DOM" or some other success message you are good to go. At this point your samba server is setup as a domain member, if you are not concerned about using domain level users and groups for permissions you don't need to go any further. Next i added the winbind configuration to the smb.conf winbind uid = 10000-20000 winbind gid = 10000-20000 template homedir = /home/winnt/%D/%U template shell = /bin/bash I would run testparm just to make sure my smb.conf is not broken again. Start samba and winbind and make sure they are both running. Test to see if the machine account on the domain is valid. root#wbinfo -t Test to see if you can authenticate on the domain from winbind. root#wbinfo -a 'DOM\user%password' Set the account that winbind will use to retrieve user and group information. This needs to be the domain administrator account or an account with domain admin rights. root#wbinfo -A 'DOM\user%password' Test to see if it is working. root#wbinfo -u You should see a list of users from the domain :) Let me know if you have questions or if you get to a point of failure. I definatly want to know the outcome if it is successful. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Have you tried winbind use default domain = no? -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Monday, May 05, 2003 6:52 AM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Hi Clint, I'm back again, as I told you here you are my smb.conf [global] workgroup = MCSE server string = Samba Server netbios name = redhatcus printcap name = /etc/printcap load printers = yes printing = lprng log file = /var/log/samba/%m.log max log size = 10 log level = 1 security = domain password server = win2k1 winbind separator = + winbind uid = 10000-20000 winbind gid = 10000-20000 winbind cache time = 15 winbind enum users = yes winbind enum groups = yes template homedir = /home/%U template shell = /bin/bash winbind use default domain = yes encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote browse sync = 192.168.58.255 9.177.255.255 remote announce = 192.168.58.255 9.177.255.255 local master = no wins server = 192.168.58.103 name resolve order = wins lmhosts host bcast dns proxy = no preserve case = no short preserve case = no default case = lower case sensitive = no [homes] comment = Home Directories browseable = no writable = yes valid users = %D+%S create mode = 0664 directory mode = 0775 [Test] comment = Shared Folder path = /Test valid users = Administrator lrodrigu public = no writable = yes printable = no create mask = 0775 --------end of file----------------- When I run testparm I get a message related with the winbind separator like this: [root@redhatcus samba]# testparm Load smb config files from /etc/samba/smb.conf Processing section "[homes]" Processing section "[Test]" Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Press enter to see a dump of your service definitions Is there something wrong with that? Could it cause some problem? I hope this can help you to figure this out..... Thanks... ----------- Mensaje Original -------------- Lets get a look at your smb.conf again :) -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 2:58 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Hi Clint, There's something I don't understand.... why when I do 'wbinfo -u' the users doesn't appear with their domain for example MCSE\administrator? I just get it like this: administrator..... as you can see down in the list...... So I had to made this: chown 'administrator:Domain Users' /Samba/ and I had to add it just like 'administrator' without the domain..... as you could see I still haven't had any success. Any clue about it? Thanks ----------- Mensaje Original -------------- De: Board, Clint [cboard@ufsonline.com] Para: leonardorleon@cantv.net [leonardorleon@cantv.net], Board, Clint [cboard@ufsonline.com] Cc: samba@lists.samba.org [samba@lists.samba.org] Asunto: RE: [Samba] Samba - User Authentication Fecha: 30/04/2003 14:41:27 Mensaje: I just tested this out, here is what i did and worked fine: smb.conf (share definition): [test] comment = Shared Folder path = /home/test valid users = DOM\Administrator DOM\user public = no writable = yes printable = no create mask = 0775 i ran testparm to make sure everything was cool. i created the directory as root, which set the owner:group to root, so: chown 'DOM\Administrator:DOM\Domain Admins' test I stopped winbind I restarted smb I started winbind Let me know if this works for you, i think you problem is in your permissions. -----Original Message----- From: Leonardo Rodr?guez [mailto:leonardorleon@cantv.net] Sent: Wednesday, April 30, 2003 12:47 PM To: cboard@ufsonline.com Cc: samba@lists.samba.org Subject: RE: [Samba] Samba - User Authentication Clint, I was fighting with samba the day before and I finally found to do something new (something good)... as you did it I had to use winbind with samba too and I could do this: [root@redhatcus etc]# wbinfo -u Administrator db2admin Guest guigonza IUSR_HAL IWAM_HAL krbtgt leosamba lrodrigu NetShowServices pruebasamba samba smbusr sysadm TsInternetUser usrsamba [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -g Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Cert Publishers Schema Admins Enterprise Admins Group Policy Creator Owners [root@redhatcus etc]# [root@redhatcus etc]# wbinfo -t Secret is good [root@redhatcus etc]# Now I can do a telnet connection using the Windows users and everything's ok But I still can't authenticate the Windows users in order to they can access the Linux folder, take at look at the folder configuration in my smb.conf file: [Samba] comment = Shared Folder path = /Samba valid users = administrator lrodrigu public = no writable = yes printable = no create mask = 0775 If I delete the valid users, public, create mask lines then I can access it without using any username and password but I don't want do it that way, I'd like to only some users could have access... Do you know something about that? What do I have to do to figure this out? Thanks Leonardo ----------- Mensaje Original -------------- Leonard, Here are the preliminary steps i went through to setup RedHat9, running Samba 3.0 23alpha-1 as a domain member: Downloaded the Samba SRPM and did a build installed my new build smb.conf changes: security = DOMAIN workgroup = DOM password server = * wins server = xxx.xxx.xxx.xxx hosts allow = xxx.xxx.xxx. 127. I would run testparm just to make sure my smb.conf is not broken. Created computer account on the domain through server manager Join the domain root#net join -S DOMPDC -U 'DOM\Administrator%password' As long as this returns "Joined domain DOM" or some other success message you are good to go. At this point your samba server is setup as a domain member, if you are not concerned about using domain level users and groups for permissions you don't need to go any further. Next i added the winbind configuration to the smb.conf winbind uid = 10000-20000 winbind gid = 10000-20000 template homedir = /home/winnt/%D/%U template shell = /bin/bash I would run testparm just to make sure my smb.conf is not broken again. Start samba and winbind and make sure they are both running. Test to see if the machine account on the domain is valid. root#wbinfo -t Test to see if you can authenticate on the domain from winbind. root#wbinfo -a 'DOM\user%password' Set the account that winbind will use to retrieve user and group information. This needs to be the domain administrator account or an account with domain admin rights. root#wbinfo -A 'DOM\user%password' Test to see if it is working. root#wbinfo -u You should see a list of users from the domain :) Let me know if you have questions or if you get to a point of failure. I definatly want to know the outcome if it is successful. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba