Hy,
I have set up a samba PDC with tdbsam, for a office, everything seems to be
ok, users logon to the pcs with their user domains, the policies are working
ok, but once they login, when they try to access a share in the samba pdc
server, it asks againg for user and passwd, Any idea why its doing this?,
you cant access also the netlog on share, so no scripts are working :**.
Another doubdt i have is if i dont want roaming profiles, i just want to the
users to use their profile in their pc how can i do it?
my config is like this:
#======================= Global Settings ======================
[global]
workgroup = liquid.zz
netbiosname = liquidsbox
server string = LiquidDs Samba Fuck U server
time server = Yes
wins support = yes
passdb backend = tdbsam
os level = 64
preferred master = auto
domain master = yes
local master = yes
preferred master = Yes
security = user
domain logons = yes
;logon path = \\%N\profiles\%U
;mapeaelhomealaletraH
logon drive = H:
logon home = \\liquidsbox\home\%u
logon script = logon.cmd
add user script = /usr/sbin/useradd -d /dev/null -g smbusers -s /bin/false
-m %u
add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false -m %u
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
[netlogon]
path = /var/lib/samba/netlogon
guest ok = Yes
share modes = no
public = no
read only = no
write list = root
browseable = no
#### Debugging/Accounting ####
log file = /var/log/samba/%m
log level = 2
syslog = 0
#======================= Share Definitions ======================
[homes]
comment = Home Directories
browseable = yes
writable = yes
create mask = 0700
directory mask = 0700
[samba]
comment = Carpeta compartida
locking = no
path = /samba
browseable = yes
writable = yes
create mask = 0700
directory mask = 0700
valid users = @users
Also when i list a user the ouput gives me as the domain the netbios name of
the pdc server not the name of the domain:
root@liquidsbox:~ # pdbedit -Lv -u prueba
Unix username: prueba
NT username:
Account Flags: [U ]
User SID: S-1-5-21-2639249364-3457876577-3313450608-3006
Primary Group SID: S-1-5-21-2639249364-3457876577-3313450608-1201
Full Name: prueba de samba
Home Directory: \\liquidsbox\home\%u
HomeDir Drive: F:
Logon Script: logon.cmd
Profile Path:
Domain: LIQUIDSBOX ------------------> when the domain name is
LIQUID.ZZ
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Sun, 07 Feb 2106 07:28:15 CET
Kickoff time: Sun, 07 Feb 2106 07:28:15 CET
Password last set: Sat, 09 Sep 2006 09:35:42 CEST
Password can change: Sat, 09 Sep 2006 09:35:49 CEST
Password must change: Sat, 09 Sep 2006 09:37:12 CEST
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
could have to do with this?
Thnx a lot!
Felipe Augusto van de Wiel
2006-Sep-11 12:28 UTC
[Samba] PDC config asking for double AUTH
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/09/2006 05:12 AM, daniel parkes escreveu:> Hy, > > I have set up a samba PDC with tdbsam, for a office, everything seems to be > ok, users logon to the pcs with their user domains, the policies are > working > ok, but once they login, when they try to access a share in the samba pdc > server, it asks againg for user and passwd, Any idea why its doing this?, > you cant access also the netlog on share, so no scripts are working :**.If your server is going to be a PDC/BDC you should have something like this: [global] domain logons = Yes domain master = (Yes on PDC, No on BDCs) [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = Yes browseable = No> Another doubdt i have is if i dont want roaming profiles, i just want to > the > users to use their profile in their pc how can i do it?You should set 'logon path' and 'logon home' for empty values. It is important to note that it is not a matter of just comment it, you have to set it empty. logon path logon home> my config is like this:If you run testparm and testparm -v what you get?> #======================= Global Settings ======================> [global] > workgroup = liquid.zz > netbiosname = liquidsboxHmmm... 'netbios name' has a space on it.> server string = LiquidDs Samba Fuck U serverSounds like a 'c00l' name for a file server.> time server = Yes > wins support = yes > passdb backend = tdbsam > os level = 64 > preferred master = auto > domain master = yes > local master = yes > preferred master = Yes > security = user > domain logons = yes > ;logon path = \\%N\profiles\%U > ;mapeaelhomealaletraH > logon drive = H: > logon home = \\liquidsbox\home\%u > logon script = logon.cmd > add user script = /usr/sbin/useradd -d /dev/null -g smbusers -s /bin/false > -m %u > add machine script = /usr/sbin/useradd -d /dev/null -g machines -s > /bin/false -m %u > delete user script = /usr/sbin/userdel -r '%u' > add group script = /usr/sbin/groupadd '%g' > delete group script = /usr/sbin/groupdel '%g' > add user to group script = /usr/sbin/usermod -G '%g' '%u'Looks sane, maybe with the debug logs we could help a little bit more. [...]> could have to do with this? > > > > Thnx a lot!You are welcome. Kind regards, - -- Felipe Augusto van de Wiel <felipe@paranacidade.org.br> Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBVZdCj65ZxU4gPQRAvWqAJ0SAqMt3UcIcDlkVA/Ro4+jfsqsLgCgq80M YfSjhcHJqyqjR1Ay6yNP82s=tKTW -----END PGP SIGNATURE-----