Hy, I have set up a samba PDC with tdbsam, for a office, everything seems to be ok, users logon to the pcs with their user domains, the policies are working ok, but once they login, when they try to access a share in the samba pdc server, it asks againg for user and passwd, Any idea why its doing this?, you cant access also the netlog on share, so no scripts are working :**. Another doubdt i have is if i dont want roaming profiles, i just want to the users to use their profile in their pc how can i do it? my config is like this: #======================= Global Settings ====================== [global] workgroup = liquid.zz netbiosname = liquidsbox server string = LiquidDs Samba Fuck U server time server = Yes wins support = yes passdb backend = tdbsam os level = 64 preferred master = auto domain master = yes local master = yes preferred master = Yes security = user domain logons = yes ;logon path = \\%N\profiles\%U ;mapeaelhomealaletraH logon drive = H: logon home = \\liquidsbox\home\%u logon script = logon.cmd add user script = /usr/sbin/useradd -d /dev/null -g smbusers -s /bin/false -m %u add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -m %u delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' [netlogon] path = /var/lib/samba/netlogon guest ok = Yes share modes = no public = no read only = no write list = root browseable = no #### Debugging/Accounting #### log file = /var/log/samba/%m log level = 2 syslog = 0 #======================= Share Definitions ====================== [homes] comment = Home Directories browseable = yes writable = yes create mask = 0700 directory mask = 0700 [samba] comment = Carpeta compartida locking = no path = /samba browseable = yes writable = yes create mask = 0700 directory mask = 0700 valid users = @users Also when i list a user the ouput gives me as the domain the netbios name of the pdc server not the name of the domain: root@liquidsbox:~ # pdbedit -Lv -u prueba Unix username: prueba NT username: Account Flags: [U ] User SID: S-1-5-21-2639249364-3457876577-3313450608-3006 Primary Group SID: S-1-5-21-2639249364-3457876577-3313450608-1201 Full Name: prueba de samba Home Directory: \\liquidsbox\home\%u HomeDir Drive: F: Logon Script: logon.cmd Profile Path: Domain: LIQUIDSBOX ------------------> when the domain name is LIQUID.ZZ Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Sun, 07 Feb 2106 07:28:15 CET Kickoff time: Sun, 07 Feb 2106 07:28:15 CET Password last set: Sat, 09 Sep 2006 09:35:42 CEST Password can change: Sat, 09 Sep 2006 09:35:49 CEST Password must change: Sat, 09 Sep 2006 09:37:12 CEST Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF could have to do with this? Thnx a lot!
Felipe Augusto van de Wiel
2006-Sep-11 12:28 UTC
[Samba] PDC config asking for double AUTH
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/09/2006 05:12 AM, daniel parkes escreveu:> Hy, > > I have set up a samba PDC with tdbsam, for a office, everything seems to be > ok, users logon to the pcs with their user domains, the policies are > working > ok, but once they login, when they try to access a share in the samba pdc > server, it asks againg for user and passwd, Any idea why its doing this?, > you cant access also the netlog on share, so no scripts are working :**.If your server is going to be a PDC/BDC you should have something like this: [global] domain logons = Yes domain master = (Yes on PDC, No on BDCs) [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = Yes browseable = No> Another doubdt i have is if i dont want roaming profiles, i just want to > the > users to use their profile in their pc how can i do it?You should set 'logon path' and 'logon home' for empty values. It is important to note that it is not a matter of just comment it, you have to set it empty. logon path logon home> my config is like this:If you run testparm and testparm -v what you get?> #======================= Global Settings ======================> [global] > workgroup = liquid.zz > netbiosname = liquidsboxHmmm... 'netbios name' has a space on it.> server string = LiquidDs Samba Fuck U serverSounds like a 'c00l' name for a file server.> time server = Yes > wins support = yes > passdb backend = tdbsam > os level = 64 > preferred master = auto > domain master = yes > local master = yes > preferred master = Yes > security = user > domain logons = yes > ;logon path = \\%N\profiles\%U > ;mapeaelhomealaletraH > logon drive = H: > logon home = \\liquidsbox\home\%u > logon script = logon.cmd > add user script = /usr/sbin/useradd -d /dev/null -g smbusers -s /bin/false > -m %u > add machine script = /usr/sbin/useradd -d /dev/null -g machines -s > /bin/false -m %u > delete user script = /usr/sbin/userdel -r '%u' > add group script = /usr/sbin/groupadd '%g' > delete group script = /usr/sbin/groupdel '%g' > add user to group script = /usr/sbin/usermod -G '%g' '%u'Looks sane, maybe with the debug logs we could help a little bit more. [...]> could have to do with this? > > > > Thnx a lot!You are welcome. Kind regards, - -- Felipe Augusto van de Wiel <felipe@paranacidade.org.br> Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBVZdCj65ZxU4gPQRAvWqAJ0SAqMt3UcIcDlkVA/Ro4+jfsqsLgCgq80M YfSjhcHJqyqjR1Ay6yNP82s=tKTW -----END PGP SIGNATURE-----