I want to set up a Samba Server (Cactus_3) as member server in our NT4 domain (PDC is Cactus_1, BDC is Cactus_2). We have about 50 client workstations most of which are WinXP but we have a few Win2K and Win98 machines. Shortly we will migrate off the NT4 servers but in the meantime we wish to test some real time scenarios. It is for this reason that I want SSO so the tests are transparant to the users. I don't want to replicate 40 users into the unix environment. I followed the setup in Chapter 2 of the HOWTO Collection for a Domain Member server. I am using Samba 3.07 on Suse 9.1. My smb.conf file follows the signature line as well as nsswitch.conf file. I have reread chapters 3,6, & 9 from the HOW-TO Collection. I have read through the archives for October & September and googled the user group, but i am still not finding what I am missing. Here is an outline of whats happening. 1) "linux~# net rpc join -U<domainadmin>%<password>" works, at least it responds with 'Joined domain DOMAIN'. 2) "linux~# wbinfo --set-auth-user=,<domainadmin>%<password>" appears to succeed. 3) "linux~# wbinfo -u" succeeds in giving a list of all domain users (same for groups with -g flag) however it shows "domainuser" only and not "DOMAIN+domainuser" as indicated in the chapter text. 4) "linux~# getent passwd <domainuser>" succeeds. 5) "linux~# chown <domainuser> /export/a_file" appears to succeed however a listing of "/export/a_file" shows owner remaining as 'root'. 6) "linux~# net rpc trustdom list" fails with the message: linux:~ # net rpc trustdom list Password: Could not connect to server CACTUS_1 The username or password was not correct. [2004/10/06 16:31:06, 0] utils/net_rpc.c:rpc_trustdom_list(3030) Couldn't connect to domain controller linux:~ # 7) Other 'net rpc' commands fail as illustrated: linux:~ # net rpc samdump [2004/10/06 16:36:41, 0] utils/net_rpc_samsync.c:rpc_samdump_internals(216) Could not fetch trust account password linux:~ # net rpc getsid Storing SID S-1-5-21-1930001043-1750228388-9522986 for Domain DOMAIN in secrets.tdb linux:~ # net rpc vampire Could not retrieve domain trust secret 8) From Windows Explorer on a Windows PC workstation I see the Samba server (Cactus_3) and I see shares (ACCTMATE, DOCUMENTS, PICTURES, Printer LexMark T522) but I get 'Permission Denied' when attempting to access. Mapping through "net use k: \\cactus_3\documents" succeeds but access is still denied. A directory listing from the command window responds as "File not found." Please be so kind as to point out what I am missing. Thank you for your kind help. Dennis A. Johnson Controller K.M.B., Inc. Phoenix, Arizona, USA ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ smb.conf #~ Configuration for Samba Server (Cactus_3) to be a member server on NT4 domain DOMAIN #~ Shares should be accessible to every authenticated user on DOMAIN. #~ PDC is Cactus_1 (192.168.0.70) is also WINS server #~ BDC is Cactus_2 (192.168.0.252) is also DHCP server #~ Network is 192.168.0.0/24 #~ revisions 1.0 10/06/2004 1:00PM # # [global] workgroup = domain server string = Samba Server netbios name = Cactus_3 security = domain password server = CACTUS_1 CACTUS_2 wins server = 192.168.0.70 winbind separator = + winbind use default domain = yes winbind uid = 10000-20000 winbind gid = 10000-20000 winbind cache time = 15 winbind enum users = yes winbind enum groups = yes idmap uid = 15000-20000 idmap gid = 15000-20000 use sendfile = yes interfaces = 127.0.0.1 eth0 hosts allow = 192.168.0. 127. bind interfaces only = true local master = no printing = cups printcap name = cups printer admin = @ntadmin, root, administrator disable spoolss = yes map to guest = Bad User encrypt passwords = yes passdb backend = smbpasswd # SO_RCVBUF=8192 SO_SNDBUF=8192 # socket options = TCP_NODELAY # add machine script # domain master = false # domain logons = yes # local master = no # preferred master = auto # ldap suffix = dc=example,dc=com [homes] comment = Home Directories valid users = %S browseable = no read only = no guest ok = no printable = no [ACCTMATE] comment = Accounting Application Only path = /export/ACCTMATE writeable = yes inherit permissions = yes # veto files = /aquota.user/groups/shares/ browseable = yes guest ok = no printable = no [Documents] comment = Public Documents path = /export/Documents writeable = yes inherit permissions = yes browseable = yes guest ok = no # printable = yes [Pictures] comment = Public Pictures path = /export/Pictures read only = no writeable = yes # printable = yes browseable = yes inherit permissions = yes guest ok = no [printers] comment = All Printers path = /var/spool/samba printer admin = root, itadminkmb, dennis printable = yes create mask = 0600 browseable = no guest ok = no [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 browseable = yes guest ok = no printable = no ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ nsswitch.conf # # /etc/nsswitch.conf # passwd: files winbind # shadow: files nis group: files winbind hosts: files dns winbind # passwd: compat # group: compat # hosts: files dns #networks: files dns services: files protocols: files rpc: files ethers: files netmasks: files netgroup: files publickey: files bootparams: files automount: files nis aliases: files