The problem I have is I can not enter the EXAMPLE domain with winbind
winbind-u-g, I can see all domain users.
You have the problem that I can not create home /% u
My Samba architecture is
SRV1: PDC-LDAP-SAMBA
SRV2: SAMBA-winbind and that is what I use for the shares
DOMAIN: EXAMPLE
so far the users can enter, but complain that there are problems with
permissions on some folders
# Global settings
[global]
display charset = LOCALE
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
idmap gid = 1000-33554431
passwd program = /usr/bin/passwd %u
netbios name = srvsamba
idmap uid = 1000-33554431
dos charset = CP850
local master = no
workgroup = EXAMPLE
debug level = 9
os level = 0
security = domain
log file = /var/log/samba/%m.log
guest account = nobody
smb passwd file = /etc/samba/smbpasswd
load printers = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins server = 192.168.1.252
map to guest = Bad User
domain master = no
encrypt passwords = yes
realm template shell = /bin/false
server string = srvsamba
winbind enum users = Yes
password server = 192.168.1.252
template homedir = /mnt/samba/home/%u
winbind enum groups = Yes
unix charset = UTF-8
preferred master = no
pam password change = yes
winbind use default domain = no
; interfaces = 192.168.12.2/24 192.168.13.2/24
; remote announce = 92.168.1.255 192.168.2.44
; domain logons = yes
; hosts deny = all
username map = /etc/samba/smbusers
obey pam restrictions = yes
; winbind separator = \
[A]
comment = A
path = /mnt/samba/a
read only = No
create mask = 0770
directory mask = 02770
hosts allow = 192.168.1.0/24, 192.168.0.0/24, 192.168.2.0/24
map acl inherit = Yes
veto files = /*:Zone.Identifier:*/
veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/
store dos attributes = Yes
dos filemode = Yes
dos filetime resolution = Yes
[B]
comment = B
path = /mnt/samba/B
read only = No
create mask = 0777
directory mask = 02770
hosts allow = 192.168.1.0/24
map acl inherit = Yes
veto files = /*:Zone.Identifier:*/
veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/
store dos attributes = Yes
dos filemode = Yes
dos filetime resolution = Yes
fake directory create times = Yes
[C]
comment = C
path = /mnt/samba/C
read only = No
create mask = 0777
directory mask = 02775
hosts allow = 192.168.1.0/24
map acl inherit = Yes
veto files = /*:Zone.Identifier:*/
veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/
store dos attributes = Yes
dos filemode = Yes
dos filetime resolution = Yes
fake directory create times = Yes
[homes]
path = /mnt/samba/home/%U
read only = No
create mask = 0777
directory mask = 0777
hosts allow = 192.168.1.0/24, 192.168.0.0/24, 192.168.2.0/24
map acl inherit = Yes
store dos attributes = Yes
dos filemode = Yes
dos filetime resolution = Yes
---------------------
ERROR
:/etc/samba# net rpc join -S pdc -U administrador
Enter administrador's password:
[2010/01/24 23:08:33, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(349)
error setting trust account password: NT_STATUS_ACCESS_DENIED
Unable to join domain LYD.
