Hello,
I have set up a samba server 3.1.2.
I want to run it as a PDC.
Final target is to use it with LDAP and Kerberos.
At the moment I use tdbsam as backend.
I have authentication problems. Everything is running, I have set the
root password, I have created some user account on SAMBA and UNIX.
I am lost. I followed the docs (Examples) except for the firewalling and
BDC setup (I don't need it at the moment).
smbd, nmbd & winbind are running
I did the following tests:
smbclient //debdell/public
result OK. I can list the content of the share
net USER ADD <username>
result OK : output is : Added user<username>
smbclient -L localhost -U%
result OK : I can see the server and the fact that the sever is the
master for the workgroup I have set up.
wbinfo -u
result NOK: output is : Error looking up domain users
net rpc join -U administrator
Password:
Could not connect to server DEBDELL
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
net rpc join -U root
Password:
Creation of workstation account failed
Unable to join domain CETIC1.
here is my smb.conf:
# Samba config file created using SWAT
# from 192.168.0.39 (192.168.0.39)
# Date: 2006/06/12 12:02:34
[global]
netbios name = CETIC1
workgroup = CETIC1
server string = %h server (Samba %v)
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
security = user
local master = yes
domain master = yes
domain logons = yes
os level = 33
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = wins bcast hosts
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -d /var/lib/nobody -g 100
-s /bin/false -M %u
logon script = scripts\logon.bat
logon path logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
domain logons = Yes
dns proxy = No
panic action = /usr/share/samba/panic-action %d
# invalid users = root
include = /etc/samba/dhcp.conf
winbind separator = /
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
[homes]
comment = Home Directories
create mask = 0700
directory mask = 0700
browseable = No
[printers]
comment = All Printers
path = /var/lib/samba/printers
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[public]
path = /var/lib/samba/public
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon/%U
valid users = %S
read only = yes
[profiles]
path = /var/lib/samba/profiles
read only = no
create mask = 0600
Gerald (Jerry) Carter
2006-Jun-16 14:14 UTC
[Samba] authentication problems with Samba 3.1.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Benoit Callebaut wrote:> Hello, > I have set up a samba server 3.1.2. > I want to run it as a PDC. > Final target is to use it with LDAP and Kerberos.You should be using the production releases here. Trunk (a.k.a v3.1.x) is for experiments and on going work. It's not intended to deployment. cheers, jerry ====================================================================Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEkryaIR7qMdg1EfYRAs8/AJ0Sb4OUXHCpKk6rIE2yD+eGXOLt/gCggrJo GwwEF8TobX+eXnqFkv74UyM=gZOl -----END PGP SIGNATURE-----