Wikked one
2009-Jul-24 21:15 UTC
[Samba] Samba Member server cannot access other Member servers
Dear List, I?ve got a Samba NT4 domain with multiple samba member servers serving files using domain security. Current member servers are all running CentOS 4.7 with 3.0.28-0.el4.9 I have no issues (except aging) with these systems. I?m upgrading a major file server with CentOS5.3 64 bit with Samba 3.0.33-3.7el5_3.1 ,it?s all setup and configured but here?s a show stopper for implementation. When I attempt to access another Samba server with this version ,I am prompted for authentication,even though the machine has full domain access. Additionally I have been mounting a domain member share on a non domain member server in order to back it up with a command in the /etc/fstab. This no longer works and even when I specify the administrator and password I have a wrong password error. Here?s the 3.0.28 config file [global] workgroup = workgroup netbios name = OldSystem passdb backend=ldapsam:ldap://System.MyGroup.com idmap backend = ldap://192.168.1.1 security = domain encrypt passwords= yes ldap suffix=dc=MyGroup,dc=com ldap machine suffix = ou=Computers ldap user suffix =ou=Users ldap group suffix =ou=Groups ldap admin dn =cn=Manager,dc=MyGroup,dc=com ldap passwd sync=yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 20 local master = no wins server =192.168.1.1 log level= 5 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = no [SHARE] writeable = yes valid users = @"Domain Users" path = /usr/smb/share force directory mode = 777 force create mode = 777 nt acl support =yes And the 3.0.33 config file workgroup = workgroup security = domain idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = false winbind offline logon = false ldap user suffix = ou=Users socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 wins server = 192.168.1.1 winbind trusted domains only = yes idmap backend = ldap://192.168.1.1 encrypt passwords = yes passdb backend = ldapsam:ldap://System.MyGroup.com nt acl support = yes netbios name = NewSystem ldap machine suffix = ou=Computers ldap group suffix = ou=Groups ldap passwd sync = yes ldap suffix = dc=MyGroup,dc=com local master = no winbind enum groups = no os level = 20 ldap admin dn = cn=Manager,dc=MyGroup,dc=com log level = 5 [NEWSHARE] nt acl support = yes guest account = administrator writeable = yes path = /raid/smb/newshare force directory mode = 777 force create mode = 777 valid users = @"Domain Users" Any help? Thanks! _________________________________________________________________ Bing? brings you maps, menus, and reviews organized in one place. Try it now. bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TXT_MLOGEN_Local_Local_Restaurants_1x1
Hi, I've asked about a couple issues on this list and now I'm wondering if I'm sending to the right address? What's a guy got to do to get a response?> Dear List, > > I?ve > got a Samba NT4 domain with multiple samba member servers serving files using > domain security. Current member servers are all running CentOS 4.7 with 3.0.28-0.el4.9 > I have no issues (except aging) with these systems. > > I?m upgrading a major file server with CentOS5.3 64 bit with > Samba 3.0.33-3.7el5_3.1 > > ,it?s all setup and configured but here?s a show stopper for > implementation. > > When I attempt to access another Samba server with this > version ,I am prompted for authentication,even though the machine has full > domain access. > > Additionally I have been mounting a domain member share on a > non domain member server in order to back it up with a command in the > /etc/fstab. > > This no longer works and even when I specify the > administrator and password I have a wrong password error. > > > Here?s the 3.0.28 config file > > > > [global] > > workgroup = workgroup > > netbios name = OldSystem > > passdb backend=ldapsam:ldap://System.MyGroup.com > > idmap backend = ldap://192.168.1.1 > > security = domain > > encrypt passwords= yes > > ldap suffix=dc=MyGroup,dc=com > > ldap machine suffix = ou=Computers > > ldap user suffix =ou=Users > > ldap group suffix =ou=Groups > > ldap admin dn =cn=Manager,dc=MyGroup,dc=com > > ldap passwd sync=yes > > socket options = TCP_NODELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 > > os level = 20 > > local master = no > > wins server =192.168.1.1 > > log level= 5 > > idmap uid = 16777216-33554431 > > idmap gid = 16777216-33554431 > > template shell = /bin/false > > winbind use default domain = no > > > > [SHARE] > > writeable = yes > > valid users = @"Domain Users" > > path = /usr/smb/share > > force directory mode = 777 > > force create mode = 777 > > nt acl support =yes > > > > And the 3.0.33 config file > > > > > workgroup = workgroup > > security = domain > > idmap uid = 16777216-33554431 > > idmap gid = 16777216-33554431 > > template shell = /bin/false > > winbind use default domain = false > > winbind offline logon = false > > ldap user suffix = ou=Users > > socket options = TCP_NODELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 > > wins server = 192.168.1.1 > > winbind trusted domains only = yes > > idmap backend = ldap://192.168.1.1 > > encrypt passwords = yes > > passdb backend = ldapsam:ldap://System.MyGroup.com > > nt acl support = yes > > netbios name = NewSystem > > ldap machine suffix = ou=Computers > > ldap group suffix = ou=Groups > > ldap passwd sync = yes > ldap suffix = dc=MyGroup,dc=com > > local master = no > > winbind enum groups = no > > os level = 20 > > ldap admin dn = cn=Manager,dc=MyGroup,dc=com > > log level = 5 > > > > [NEWSHARE] > > nt acl support = yes > > guest account = administrator > > writeable = yes > > path = /raid/smb/newshare > > force directory mode = 777 > > force create mode = 777 > > valid users = @"Domain Users" > > > > Any help? > > > > Thanks! > > > > > > > _________________________________________________________________ > Bing? brings you maps, menus, and reviews organized in one place. Try it now. > bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TXT_MLOGEN_Local_Local_Restaurants_1x1 > -- > To unsubscribe from this list go to the following URL and read the > instructions: lists.samba.org/mailman/options/samba_________________________________________________________________ Bing? brings you maps, menus, and reviews organized in one place. Try it now. bing.com/search?q=restaurants&form=MLOGEN&publ=WLHMTAG&crea=TXT_MLOGEN_Local_Local_Restaurants_1x1