Hi all,
I recently installed a file server at a client site using COL Server 3.1.1 and
Samba 2.2.3a. The file server was configured to be a member server in the
Windows NT domain using the global parameter "server = domain" in the
smb.conf file. I am using winbind to allow users to be authenticated by the PDC
NT server for the domain.
In general, everything seems to be working as I expected, except for one issue.
The client is a computer training site which uses separate user accounts for
each computer in the classroom. In order to make it easier for the teacher and
students, the passwords for these accounts are blank or null. The problem is
that when you log onto one of these computers using an account with no password
and then try to browse the samba file server using Network Neighborhood, you are
asked for a password (entering a blank password does not work). In contrast, if
you log onto a computer with a user account which has a password, you can browse
the file server in network neighborhood without any problems.
I don't understand why the samba file server is not allowing access to these
accounts with no password. I would have thought that they would be treated the
same as accounts with passwords. I have tried using the global parameter
"null passwords = yes" in the smb.conf file but this does not appear
to make any difference.
Any help with this problem would be greatly appreciated. Below is info on my
configuration for samba
nsswitch.conf
# /etc/nsswitch.conf
#
# Name Service Switch configuration file.
#
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files nis dns
networks: nis files dns
ethers: nis files
protocols: nis files
rpc: nis files
services: nis files
______________________________________________________
smb.conf
# Global parameters
[global]
workgroup = DUFF-LAB
netbios name = LAB-2
server string = Samba Server on Caldera OpenLinux
security = domain
password server = lab-1
encrypt passwords = Yes
null passwords = yes
#winbind configuration
winbind separator = +
winbind cache time = 10
template shell = /bin/bash
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
#end
log file = /var/log/samba.d/smb.%m
max log size = 200
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
wins server = 10.251.8.61
admin users = dave
______________________________________________________
/etc/pam.d/samba
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so nullok
auth required /lib/security/pam_pwdb.so shadow nullok use_first_pass
account required /lib/security/pam_winbind.so
Thanks in advance,
Dave
__________________________________________________________
Get your FREE personalized e-mail at http://www.canada.com
Hi all,
I recently installed a file server at a client site using COL Server 3.1.1 and
Samba 2.2.3a. The file server was configured to be a member server in the
Windows NT domain using the global parameter "server = domain" in the
smb.conf file. I am using winbind to allow users to be authenticated by the PDC
NT server for the domain.
In general, everything seems to be working as I expected, except for one issue.
The client is a computer training site which uses separate user accounts for
each
computer in the classroom. In order to make it easier for the teacher and
students, the passwords for these accounts are blank or null. The problem is
that when you log onto one of these computers using an account with no password
and then try to browse the samba file server using Network Neighborhood, you are
asked for a password (entering a blank password does not work). In contrast, if
you log onto a computer with a user account which has a password, you can browse
the file server in network neighborhood without any problems.
I don't understand why the samba file server is not allowing access to these
accounts with no password. I would have thought that they would be treated the
same as accounts with passwords. I have tried using the global parameter
"null passwords = yes" in the smb.conf file but this does not appear
to make any difference.
Any help with this problem would be greatly appreciated. Below is info on my
configuration for samba
nsswitch.conf
# /etc/nsswitch.conf
#
# Name Service Switch configuration file.
#
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files nis dns
networks: nis files dns
ethers: nis files
protocols: nis files
rpc: nis files
services: nis files
______________________________________________________
smb.conf
# Global parameters
[global]
workgroup = DUFF-LAB
netbios name = LAB-2
server string = Samba Server on Caldera OpenLinux
security = domain
password server = lab-1
encrypt passwords = Yes
null passwords = yes
#winbind configuration
winbind separator = +
winbind cache time = 10
template shell = /bin/bash
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
#end
log file = /var/log/samba.d/smb.%m
max log size = 200
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = No
wins server = 10.251.8.61
admin users = dave
______________________________________________________
/etc/pam.d/samba
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so nullok
auth required /lib/security/pam_pwdb.so shadow nullok use_first_pass
account required /lib/security/pam_winbind.so
Thanks in advance,
Dave
__________________________________________________________
Get your FREE personalized e-mail at http://www.canada.com