Hey,
I forgot to mention that I'm not using AD yet. So LDAP & Kerberos is not
important to me, right now - since I'm still using a NT4-Domain :(
Should I use another/older Samba version for my configuration?
Thanks,
Axel
Info wrote:> Alex,
> I've installed 3.0.25a on AIX 5.3 and am getting issues with adding
samba server
> into W2003 AD, can you assist ?
>
> I got my 3.0.25a binaries from samba site, where did you get yours ?
> Do I need a pam_winbind.conf file ?
>
> I'd appreciate any help ?
>
>
> here is what I' doing to add samba server in W2003 AD
> # rm /opt/pware/samba/3.0.25a/private/secrets.tdb
> # rm /opt/pware/samba/3.0.25a/var/locks/*.tdb
> # ntpdate 10.1.1.101
> 20 Jun 12:06:03 ntpdate[14830]: adjust time server 10.1.1.101 offset
-0.003558
> # cd /opt/pware/bin
> # ./kinit
> Password for administrator@CLPSRES.LOCAL:
> # ./klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: administrator@CLPSRES.LOCAL
>
> Valid starting Expires Service principal
> 06/20/07 12:05:20 06/20/07 18:45:20 krbtgt/CLPSRES.LOCAL@CLPSRES.LOCAL
>
>
> Kerberos 4 ticket cache: /tmp/tkt0
> klist: You have no tickets cached
> # cd /opt/pware/samba/3.0.25a/bin
> # ./net --debuglevel=10 ads join
>
> fyi smb.conf and krb5.conf
>
>
>
> KRB5.conf
>
>
>
>
>
>
>
> [libdefaults]
>
>
>
> ticket_lifetime = 24000
>
>
>
> default_realm = CLPSRES.LOCAL
>
>
>
> forwardable = true
>
>
>
> proxiable = true
>
>
>
> dns_lookup_realm = false
>
>
>
> dns_lookup_kdc = false
>
>
>
> [realms]
>
>
>
> CLPSRES.LOCAL = {
>
>
>
> default_domain = domain.com
>
>
>
> kdc = 10.1.1.101:88
>
>
>
> admin_server = 10.1.1.101:749
>
>
>
> }
>
>
>
>
>
>
>
> [domain_realm]
>
>
>
>
>
>
>
> .domain.com = CLPSRES.LOCAL
>
>
>
> domain.com = CLPSRES.LOCAL
>
>
>
>
>
>
>
>
>
>
>
> smb.conf
>
>
>
>
>
>
>
> # Samba config file created using SWAT
>
>
>
> # from 10.1.1.101 (10.1.1.101)
>
>
>
> # Date: 2007/06/18 16:09:28
>
>
>
>
>
>
>
> [global]
>
>
>
> workgroup = CLPSRES
>
>
>
> realm = CLPSRES.LOCAL
>
>
>
> security = ADS
>
>
>
> auth methods = winbind
>
>
>
> obey pam restrictions = Yes
>
>
>
> password server = 10.1.1.101
>
>
>
> log level = 8
>
>
>
> log file = /var/log/samba.log
>
>
>
> client signing = Yes
>
>
>
> ldap suffix = "dc=CLPSRES,dc=LOCAL"
>
>
>
> ldap ssl = no
>
>
>
> idmap uid = 15000-20000
>
>
>
> idmap gid = 15000-20000
>
>
>
> template homedir >
>
>
> winbind separator = +
>
>
>
> winbind enum users = Yes
>
>
>
> winbind enum groups = Yes
>
>
>
> winbind use default domain = Yes
>
>
>
> admin users = root
>
>
>
>
>
>
>
> [public]
>
>
>
> comment = test
>
>
>
> path = /usr/local/source
>
>
>
> read only = No
>
>
>
> on 22/6/07 9:21 AM, Axel Schmalowsky <schmalowsky@gmail.com> wrote:
>
>
>> Hello,
>>
>> I installed Samba 3.0.24 on my AIX 5.3 and configured it to
authenticate
>> users via winbind.
>> I followed the previous thread 'Samba on AIX -->
nsswitch.conf', copied
>> WINBIND to /usr/lib/security and modified the default: stanza in
>> /etc/security/user to include WINBIND (in the SYSTEM and registry
entry,
>> respectively). Additionally, I added an entry in
>> /usr/lib/security/methods.cfg.
>>
>> I succeeded in getting the Domain users name by means of 'wbinfo
-u',
>> but I cannot list any user via 'lsuser -R WINBIND ...' nor do I
get any
>> information about a user via 'id user' - it tells me that the
user
>> specified cannot be found in /etc/passwd.
>>
>> Is there anything I have not done or considered yet?
>>
>> Any help appreciated.
>>
>> Regards
>> Axel
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/listinfo/samba
>>
>>
>>
>>
>
>