Hi all,
 
I am attempting to set up an SMB server that will auth to Windows 2003 AD -
 
I've set up SMB many times, but this is my first attempt at AD auth
integration.
 
Most everything (testing from the command line) works - see below info
 
But the docs say I need to copy pam_winbind.so to /lib/security, but I
cannot find this file in the samba source distro. So what goes into
/etc/pam.d/samba or /etc/pam.d/login?
 
When I attempt to access a share on this server, I see no errors but
cannot auth, presumably because pam_winbind is missing.
 
See below for details of setup -
 
Any thoughts appreciated,
 
Edward
Ebrooathealthydirectionsdotcom
 
 
 
 
I'm using a RH Fedora Core 2 box with Samba 3.0.14a and these Krb
versions:
krb5-devel-1.3.6-4
pam_krb5-2.0.10-1
krb5-libs-1.3.6-4
krb5-workstation-1.3.6-4
 
 
What works -
 
kinit username@domain works fine
net ads join -uUsername%password works fine
wbinfo -u works fine
wbinfo -t works fine
 
My samba log.smbd and log.nmbd and log.winbindd all show successful
startup 
 
My smb.conf looks like:
 
[global]
netbios name = GOETHE
server string = IT Dev Server
realm = CORP.PHILLIPS.COM
workgroup = CORP
password server = 172.17.17.110
security = ADS
encrypt passwords = yes
socket options = TCP_NODELAY
local master = no
dns proxy = yes
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum groups = yes
winbind enum users = yes
#============================ Share Definitions =============================
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no
 
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   user = @"CORP+domain users"
# specifically define each individual printer
[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes
 
[Tellu]
   comment = TellU Inventory Client
   path = /home/share/tellu
   public = yes
   writeable = no
   user = @"CORP+domain users"