Hi folks (again)...
I have Samba 3 installed (compiled from source) with Kerberos 5v1.3.1 also
installed (from source).
My problem is that none of the domain users can use any resources from the Samba
server. The Samba server is (trying to be) in Domain mode (security = ads).
The Samba server has been joined to the domain and shows up nicely in AD Users
and Computers (on the Windows 2000 Advanced Server that is my AD domain
controller).
Here is the kerberos utils output from the Samba server...
root@raid:~# kinit
Password for administrator@RONGAGE.ORG:
root@raid:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator@RONGAGE.ORG
Valid starting Expires Service principal
10/15/03 19:35:14 10/16/03 05:35:02 krbtgt/RONGAGE.ORG@RONGAGE.ORG
renew until 10/16/03 19:35:14
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
root@raid:~#
Here is the contents of /etc/krb5.conf:
root@raid:/etc# less krb5.conf
[libdefaults]
default_realm = RONGAGE.ORG
[realms]
RONGAGE.ORG = {
kdc = domain.rongage.org:88
default_domain = RONGAGE.ORG
}
And for completeness, here is the smb.conf:
#======================= Global Settings
====================================[global]
# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2
workgroup = RONGAGE
netbios name = RAID
server string = Samba Server
; hosts allow = 192.168.1. 192.168.2. 127.
load printers = no
# log level = 10
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
security = ads
password server = domain.rongage.org
encrypt passwords = yes
realm = rongage.org
; printcap name = /etc/printcap
; printcap name = lpstat
; printing = bsd
; guest account = pcguest
log file = /var/log/samba.%m
max log size = 50
; security = user
; password server = <NT-Server-Name>
; encrypt passwords = yes
; include = /usr/local/samba/lib/smb.conf.%m
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
; interfaces = 192.168.12.2/24 192.168.13.2/24
; local master = no
; os level = 33
; domain master = yes
; preferred master = yes
; domain logons = yes
; logon script = %m.bat
; logon script = %U.bat
; logon path = \\%L\Profiles\%U
; wins support = yes
; wins server = w.x.y.z
; wins proxy = yes
dns proxy = no
;[homes]
; comment = Home Directories
; browseable = no
; writable = yes
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
;[printers]
; comment = All Printers
; path = /var/spool/samba
; browseable = no
# Set public = yes to allow user 'guest account' to print
; guest ok = no
; writable = no
; printable = yes
# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
[data]
comment = Accounting
path = /data
public = yes
writable = yes
printable = no
guest ok = yes
create mode = 777
directory mode = 777
Can anybody please tell me what the heck I am doing wrong???
Thanks!
--
Ronald R. Gage
MCP, LPIC1, A+, Net+
Pontiac, Michigan
----------------------------------------------------------------
This message was sent using webmail provided by www.rongage.org
