Hi
Thanks for your advice, but it is still using kerbers (--> Server not
found in Kerberos database).
My smb.conf looks like that:
[global]
workgroup = DOMAINA
realm = DOMAIN.BLA.BLUB
server string = Samba Server
security = ADS
auth methods = winbind
password server = server1, server2
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
dns proxy = No
wins server = x.x.x.x
idmap backend = ad
idmap uid = 500-33554431
idmap gid = 500-33554431
template homedir = /home/%U
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nss info = rfc2307
On Nov 19, 2007 11:00 AM, Warren Beldad <advisory22@gmail.com>
wrote:> Hi,
>
> use the parameter "client ntlmv2 auth", by default it is set to
no.
> If enabled, samba will sent only NTLMv2 responses.
> please have a look on its man page...
>
> thanks,
> warren
>
>
> On Nov 19, 2007 4:49 PM, Urs Golla <urs.golla@gmail.com> wrote:
> > Is there really no way to tell winbind to use ntlm for "security
> > ads" with samba 3.0.26? The man pages say that it should work
like
> > that... wrong information in the man pages?
> >
> > cheers
> > urs
> >
> >
> > On 11/18/07, Neal A. Lucier <nlucier@math.purdue.edu> wrote:
> > > The parameter/feature is being introduced in 3.2.0, sorry I
thought it
> > > came with 3.0.26.
> > >
> > > Neal
> > >
> > > Urs Golla wrote:
> > > > Hi Neal
> > > >
> > > > I get "Unknown parameter encountered: "winbind rpc
only""
> > > >
> > > > I have samba 3.0.26.a-35
> > > >
> > > >
> > > > cheers
> > > > Urs
> > > >
> > > > On 11/16/07, Neal A. Lucier <nlucier@math.purdue.edu>
wrote:
> > > >> Urs Golla wrote:
> > > >>> Is there a way to force samba to use NTLM (or
NTLMv2) instead of kerberos?
> > > >>>
> > > >> While the man page doesn't explicitly say that NTLM
is used instead of
> > > >> kerberos; I believe the intent of this setting is to
have samba talk
> > > >> with AD using only NT4 domain member style
communications (RPC and NTLM)
> > > >> and not ADS style communications (LDAP and kerberos).
It's worth trying
> > > >> if you haven't already.
> > > >>
> > > >> From man smb.conf:
> > > >>
> > > >> winbind rpc only (G)
> > > >>
> > > >> Setting this parameter to yes forces winbindd to use
RPC instead of
> > > >> LDAP to retrieve information from Domain Controllers.
> > > >>
> > > >> Default: winbind rpc only = no
> > > >>
> > >
> > >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
> >
>