Thomas Lesh
2005-Sep-19 18:09 UTC
[Samba] Problem: FreeBSD 5.4 and Samba 3.0.20 not working with ADS
Hello all, I'm having a really difficult time with this setup. I can communicate with my Win2k3 PDC from my FreeBSD Samba file server by using the wbinfo utility. The wbinfo utility returns all of the information that I expect it to successfully. I've joined the Samba file server to the AD already. Users can access shared resources on the Samba file server *ONLY IF* they have a local account on the Samba file server. What am I doing wrong, it's giving me massive headaches?! Here are my config files: -------[ smb.conf ]------- [global] workgroup = HELLO realm = HELLO.LOCAL server string = Samba File Server security = ADS auth methods = winbind password server = 192.168.20.5 log level = 3 log file = /var/log/samba/log.%m max log size = 100 socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 printcap name = cups preferred master = No domain master = No dns proxy = No wins server = 192.168.20.5 ldap ssl = no idmap uid = 10000-20000 idmap gid = 20000-30000 winbind use default domain = Yes winbind trusted domains only = Yes invalid users = root acl group control = Yes inherit permissions = Yes inherit acls = Yes write cache size = 262144 [homes] comment = Home Directories read only = No browseable = No [public] comment = Public Share path = /home/pub admin users = Administrator read only = No create mask = 0664 directory mask = 0775 guest ok = Yes [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No -------[ krb5.conf ]------- [libdefaults] default_realm = HELLO.LOCAL [realms] HELLO.LOCAL = { kdc = champion.hello.local admin_server = champion.hello.local } [domain_realm] .hello.local = HELLO.LOCAL -------[ nsswitch.conf ]------- group: compat files winbind group_compat: nis hosts: files dns networks: files passwd: compat files winbind passwd_compat: nis shells: files shadow: files winbind -------[ /etc/pam.d/login ]------- # auth auth required pam_nologin.so no_warn auth sufficient pam_self.so no_warn auth include system auth sufficient pam_winbind.so # account account requisite pam_securetty.so account include system account sufficient pam_winbind.so # session session include system # password password include system Thanks for taking the time to check this out! -Tom