Hi all, I want to make a Samba Sever as amember of a Domain, using a Windows NT 4.0 as PDC. I have my smb.conf configured to do this, but users ca't connect on Samba useing the Windows NT account. Is it possible or I have to create them on a smbpasswd to make them login on it? I have a Samba Server 3.0.7 running under a Slackware Linux 10.0, with Kernel 2.6.8.1. I'm sending my smb.conf configurations. #======================= Global Settings ====================================[global] workgroup = WORKGROUP interfaces = eth0 ; invalid users = root ; character set = ISO8859-1 ; client code page = 850 name resolve order = wins bcast host lmhosts bind interfaces only = yes password server = WINNT-SERVER security = user server string = %h log file = /var/log/samba/%m.log smb passwd file = /etc/samba/smbpasswd passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 os level = 0 syslog = 0 dead time = 20 domain master = no local master = yes preferred master = yes ; domain admin group = root logon script = users.bat unix password sync = yes max log size = 1000 winbind trusted domains only = yes restrict anonymous = yes update encrypted = yes winbind use default domain = yes domain master = no ; socket address = 192.168.0. ; root directory = /root ; hostname lookups = yes passwd chat timeout = 5 max protocol = NT acl compatibility = winnt ldap ssl = No server signing = Auto #============================ Share Definitions ============================= [homes] comment = Home Directories read only = no valid users = %S create mask = 0664 directory mask = 0775 ; map to guest = bad user [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes share modes = no browseable = no [Profiles] path = /usr/local/samba/profiles browseable = no guest ok = yes ;[printers] ; comment = All Printers ; path = /var/spool/samba ; browseable = no # Set public = yes to allow user 'guest account' to print ; guest ok = no ; printable = yes # This one is useful for people to share files [tmp] comment = Diret?rio de arquivos tempor?rios path = /tmp read only = no guest ok = yes [public] comment = Public Stuff valid users = %S path = /home/samba guest ok = yes read only = no write list = someone # Um diret?rio privado SOMENTE utilizado pelo usuario bruno, # e requer acesso de escrita no diretorio inteiro. [pchome] comment = PC Directories path = /usr/local/pc/%m public = no writable = yes [public] path = /usr/share/samba_public guest ok = yes guest only = yes read only = no [someone] comment = Someone's Share path = /home/bruno valid users = someone read only = no create mask = 0765 browseable = no [cdrom] comment = CDROM compartilhado locking = no path = /mnt/cdrom guest ok = yes valid users = someone [easy$] comment = Acesso geral para os servidores da Easy path = / write list = someone read only = no valid users = someone admin users = someone Thanks for your help, Bruno
Try by setting the security = domain see http://www.informit.com/articles/article.asp?p=169560&seqNum=3 this should help -----Original Message----- From: samba-bounces+filiks=telesonique.com@lists.samba.org [mailto:samba-bounces+filiks=telesonique.com@lists.samba.org]On Behalf Of Bruno Lessa Cardoso Sent: Mittwoch, 13. Oktober 2004 17:02 To: Samba List Subject: [Samba] Login with a NT 4.0 PDC Hi all, I want to make a Samba Sever as amember of a Domain, using a Windows NT 4.0 as PDC. I have my smb.conf configured to do this, but users ca't connect on Samba useing the Windows NT account. Is it possible or I have to create them on a smbpasswd to make them login on it? I have a Samba Server 3.0.7 running under a Slackware Linux 10.0, with Kernel 2.6.8.1. I'm sending my smb.conf configurations. #======================= Global Settings ====================================[global] workgroup = WORKGROUP interfaces = eth0 ; invalid users = root ; character set = ISO8859-1 ; client code page = 850 name resolve order = wins bcast host lmhosts bind interfaces only = yes password server = WINNT-SERVER security = user server string = %h log file = /var/log/samba/%m.log smb passwd file = /etc/samba/smbpasswd passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 os level = 0 syslog = 0 dead time = 20 domain master = no local master = yes preferred master = yes ; domain admin group = root logon script = users.bat unix password sync = yes max log size = 1000 winbind trusted domains only = yes restrict anonymous = yes update encrypted = yes winbind use default domain = yes domain master = no ; socket address = 192.168.0. ; root directory = /root ; hostname lookups = yes passwd chat timeout = 5 max protocol = NT acl compatibility = winnt ldap ssl = No server signing = Auto #============================ Share Definitions ============================= [homes] comment = Home Directories read only = no valid users = %S create mask = 0664 directory mask = 0775 ; map to guest = bad user [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes share modes = no browseable = no [Profiles] path = /usr/local/samba/profiles browseable = no guest ok = yes ;[printers] ; comment = All Printers ; path = /var/spool/samba ; browseable = no # Set public = yes to allow user 'guest account' to print ; guest ok = no ; printable = yes # This one is useful for people to share files [tmp] comment = Diret?rio de arquivos tempor?rios path = /tmp read only = no guest ok = yes [public] comment = Public Stuff valid users = %S path = /home/samba guest ok = yes read only = no write list = someone # Um diret?rio privado SOMENTE utilizado pelo usuario bruno, # e requer acesso de escrita no diretorio inteiro. [pchome] comment = PC Directories path = /usr/local/pc/%m public = no writable = yes [public] path = /usr/share/samba_public guest ok = yes guest only = yes read only = no [someone] comment = Someone's Share path = /home/bruno valid users = someone read only = no create mask = 0765 browseable = no [cdrom] comment = CDROM compartilhado locking = no path = /mnt/cdrom guest ok = yes valid users = someone [easy$] comment = Acesso geral para os servidores da Easy path = / write list = someone read only = no valid users = someone admin users = someone Thanks for your help, Bruno -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
On Wed, 2004-10-13 at 12:01 -0300, Bruno Lessa Cardoso wrote:> I want to make a Samba Sever as amember of a Domain, using a Windows > NT 4.0 as PDC. I have my smb.conf configured to do this, but users > ca't connect on Samba useing the Windows NT account. Is it possible or > I have to create them on a smbpasswd to make them login on it?<snip>> security = userUnless my understanding of SAMBA config and your needs is flawed, you need to set security = domain, not security = user. This is the setting that lets a SAMBA member server pass authentication requests to the PDC. There is a good explanation of SAMBA security modes at http://www.phptr.com/articles/article.asp?p=169560&seqNum=3 -- -Regards- -Quentin Hartman- Technology Coordinator South Lane School District Cottage Grove, Oregon Office- 541.767.3778 Mobile- 541-501-1197 qhartman@lane.k12.or.us