Hello, I have set up a samba server 3.1.2. I want to run it as a PDC. Final target is to use it with LDAP and Kerberos. At the moment I use tdbsam as backend. I have authentication problems. Everything is running, I have set the root password, I have created some user account on SAMBA and UNIX. I am lost. I followed the docs (Examples) except for the firewalling and BDC setup (I don't need it at the moment). smbd, nmbd & winbind are running I did the following tests: smbclient //debdell/public result OK. I can list the content of the share net USER ADD <username> result OK : output is : Added user<username> smbclient -L localhost -U% result OK : I can see the server and the fact that the sever is the master for the workgroup I have set up. wbinfo -u result NOK: output is : Error looking up domain users net rpc join -U administrator Password: Could not connect to server DEBDELL The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE net rpc join -U root Password: Creation of workstation account failed Unable to join domain CETIC1. here is my smb.conf: # Samba config file created using SWAT # from 192.168.0.39 (192.168.0.39) # Date: 2006/06/12 12:02:34 [global] netbios name = CETIC1 workgroup = CETIC1 server string = %h server (Samba %v) obey pam restrictions = Yes passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . security = user local master = yes domain master = yes domain logons = yes os level = 33 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 name resolve order = wins bcast hosts add user script = /usr/sbin/useradd -m '%u' delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' add machine script = /usr/sbin/useradd -d /var/lib/nobody -g 100 -s /bin/false -M %u logon script = scripts\logon.bat logon path logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes domain logons = Yes dns proxy = No panic action = /usr/share/samba/panic-action %d # invalid users = root include = /etc/samba/dhcp.conf winbind separator = / winbind cache time = 10 template shell = /bin/bash template homedir = /home/%D/%U winbind uid = 10000-20000 winbind gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template shell = /bin/bash [homes] comment = Home Directories create mask = 0700 directory mask = 0700 browseable = No [printers] comment = All Printers path = /var/lib/samba/printers create mask = 0700 printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [public] path = /var/lib/samba/public [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon/%U valid users = %S read only = yes [profiles] path = /var/lib/samba/profiles read only = no create mask = 0600
Gerald (Jerry) Carter
2006-Jun-16 14:14 UTC
[Samba] authentication problems with Samba 3.1.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Benoit Callebaut wrote:> Hello, > I have set up a samba server 3.1.2. > I want to run it as a PDC. > Final target is to use it with LDAP and Kerberos.You should be using the production releases here. Trunk (a.k.a v3.1.x) is for experiments and on going work. It's not intended to deployment. cheers, jerry ====================================================================Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEkryaIR7qMdg1EfYRAs8/AJ0Sb4OUXHCpKk6rIE2yD+eGXOLt/gCggrJo GwwEF8TobX+eXnqFkv74UyM=gZOl -----END PGP SIGNATURE-----