PO Michel
2007-Feb-13 09:31 UTC
[Samba] Samba 3.0.24 + Winbind + Active Directory 2003 on RedHat AS 4.0
Hello all, I have compiled the latest samba release (3.0.249 on a RedHat AS 4.0 platform with the following options : ./configure −−with−smbwrapper −−with−dce−dfs −−with−smbmount −−with−pam −−with−pam_smbpass −−with−syslog −−with−quotas −−with−libsmbclient −−with−acl−support −−with−winbind −−with−winbind−auth−challenge I have modified the smb startup script so that winbind starts with smb. The libnss_winbind.so and libnss_wins.so have been copied in the appropriate directory DNS is properly setup. Here is my smb.conf file : workgroup = WKG server string = server_name netbios name = server security = ADS password server = dc.wkg.ch realm = WKG.CH encrypt passwords = yes winbind separator = + idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/winnt/%D/%U template shell = /bin/bash winbind use default domain = no wins server = IP address client use spnego = no socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=16384 SO_SNDBUF=16384 map acl inherit = yes nt acl support = yes allow trusted domains = no winbind use default domain = no obey pam restrictions = no My /etc/pam.d/login looks like the following : auth required pam_securetty.so auth sufficient pam_winbind.so auth sufficient pam_unix.so use_first_pass auth required pam_stack.so service=system-auth auth required pam_nologin.so account sufficient pam_winbind.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth session optional pam_console.so My /etc/pam.d/samba looks like the following : auth sufficient pam_winbind.so auth required pam_unix.so nullok account sufficient pam_winbind.so account required pam_unix.so session required pam_unix.so password required pam_unix.so My Samba server has successfully joined the domain with the net ads command. wbinfo ?u and wbinfo ?g commands the list of users and groups from the main and the trusted domain (though I would like to get only the main domain info). I have set the winbind authentication user with the wbinfo ?set-auth-user command. I can see the Samba server in my Windows XP?s network neighbourhood but not in the WKG domain. I cannot browse the shares I have created. Here are the last lines of my winbindd.log file : [2007/02/13 10:01:14, 1] nsswitch/winbindd_ads.c:query_user_list(218) Not a user account? atype=0x30000000 Any idea ? Many thanks, PO --------------------------------- D?couvrez une nouvelle fa?on d'obtenir des r?ponses ? toutes vos questions ! Profitez des connaissances, des opinions et des exp?riences des internautes sur Yahoo! Questions/R?ponses.