Kalin Krustev
2004-Apr-18 15:23 UTC
[Samba] Problem with Linux clients of Samba member server in Active Directory environment
Hello Everyone, I've started Samba server, that is joined to Active Directory structure in my office. I'm not starting winbind yet, and now I have some unix accounts, which are mapped to their corresponding Windows Active Directory accounts via /etc/samba/smbusers file. I use Kerberos client for authentication of Windows AD users. On Windows clients, I have no problems with logging to this samba server and providing access to shares. But I meet problems with authentication and access to samba from Linux boxes and, specially, access with Konqueror via smb:// protocol. When I try to access with smb://salso002/ (salso002 is host name of my samba server), I can see all shares, but when I click on one of them, and write the user and password in login window, Konqueror do not accept user/password pair and show the login windows again. I've tried various ways of writing user name, such as "username@MYREALM", "MYREALM/username", "MYREALM\username", when MYREALM is full name of KDC in Active Directory, but Konqueror answers with messages like "Access denied" or "The file or directory ... does not exist". The same is happen even I try access samba with Konqueror on the same machine, samba is installed. When I use smbclient with "-k" option on the same machine where is samba server, I can accessed resources, but via Konqueror, I can not. I'm asking for your help to solve this problem. And, I wondered is it possible Linux machines, that are NOT joined to Active Directory domain to access the samba server, that is member server in that domain? Thank you in advance! My smb.conf file is: # Global parameters [global] unix charset = LOCALE workgroup = TVGRP.HQ realm = TVGRP.HQ interfaces = 127.0.0.1, eth0 bind interfaces only = Yes security = ADS password server = 192.168.100.50 username map = /etc/samba/smbusers printcap name = cups preferred master = No local master = No domain master = No wins server = 192.168.100.50 ldap ssl = no printing = cups [ReadOnly] path = /share/ReadOnly admin users = kalin read only = No [ReadWrite] path = /share/ReadWrite read only = No create mask = 0774 directory mask = 0774 [OwnerRWXGroupRX] path = /share/OwnerRWXGroupRX read only = No create mask = 0754 directory mask = 07755 directory security mask = 07777 hide unreadable = Yes ---- Best regards, Kalin Krustev k_krustev@mail.bg
Possibly Parallel Threads
- How does one "look at AD" in Samba4.1?
- Joining Samba4 to Win 2008 AD domain breaks other kerberos functions
- Joining Samba4 to Win 2008 AD domain breaks other kerberos functions
- errors from ads_krb5_mk_req errors and util_sock.c:send_smb
- Authentication problems with win2k3 domain controller
Wisdom of the Ancients
