I have tried now for allmost a week to get this thing working.
I have installed (Debian packages):
samba 3.0.2
krb5-user 1.3 (This is MIT kerberos)
krb5-config 1.6
winbind 3.0.2
I don't know if my samba is compiled with ADS but I assume it right now
- I just installed the apt-get package from the testing (sarge) debian.
My problem right now is that
root# *smbpasswd -a -m /machine_name/*
Failed to initialise SAM_ACCOUNT for user appboga$.
Failed to modify password entry for user appboga$
Attached is a copy of my smb.conf and krb5.conf
--
Med venlig hilsen - Best regards,
Johan Evers
Opiin Software ApS
Trekronergade 126 F
DK - 2500 Valby
Phone : +45 7020 6393
E-mail : info@opiin.dk <mailto:info@opiin.dk>
-------------- next part --------------
#======================= Global Settings =================[global]
# The NetBIOS name of this machine
netbios name = pluto
# server string is the equivalent of the NT Description field
server string = OpiinDoc server (Samba %v)
# The Windows domain name
workgroup = BOGA
# For joining ADS realm = your.kerberos.REALM
realm = boga.DK
# The Domain controllers
password server = *
# Tell Samba to use ADS authentication
security = ADS
# In Win200x and ADS encryption is a must
encrypt passwords = yes
# Which users are NOT allowed
invalid users = root
# The logs are: (For each connection)
log file = /var/log/samba/log.%m
# On-the-Fly Creation of Machine Trust Accounts
add machine script = /usr/sbin/useradd -d /dev/null -g 1004 \
-s /bin/false -M %u
#======================= Global Winbind Settings =======# separate domain and
username with '/', like DOMAIN/username
winbind separator = /
# use uids from 10000 to 20000 for domain users
idmap uid = 10000-20000
# use gids from 10000 to 20000 for domain groups
idmap gid = 10000-20000
# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes
#======================= Share Definitions =============
[opiineksport]
comment = Timeseddel eksport bibliotek
writable = no
locking = no
path = /home/opiin/eksport
public = yes
-------------- next part --------------
[libdefaults]
default_realm = BOGA.DK
[realms]
BOGA.DK = {
kdc = NTBOGA
kdc = APPBOGA
}
[domain_realms]
.NTBOGA = BOGA.DK
