View previous topic :: View next topic |
Author |
Message |
pZYchO n00b
![n00b n00b](/images/ranks/rank_rect_0.gif)
Joined: 28 Apr 2003 Posts: 61
|
Posted: Wed May 21, 2003 10:08 pm Post subject: Samba and win2k domain controller ?! Winbind....... |
|
|
Hi there,
I set up a win2k domain controller, I want samba to act as fileserver in the domain... Joining the samba server into the domain wasn't a problem, but authentication against the win2k server failed...
Here is a part of my smb.conf:
Code: |
[global]
workgroup = pzychonet
netbios name = fileserver
server string = FileServer
log file = /var/log/samba/log.%m
max log size = 50
hosts allow = 192.168.199. 127.
security = domain
password server = pzycho-dc-w2k
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = eth0 192.168.199.0/24
bind interfaces only = yes
hide local users = yes
domain master = no
preferred master = no
domain logons = no
dns proxy = no
winbind enum users = yes
winbind enum groups = yes
winbind uid = 30000-40000
winbind gid = 30000-40000
template homedir = /var/lib
template shell = /bin/false
winbind cache time = 60
winbind use default domain = yes
[teamdrive]
comment = teamdrive
path = /data/teamdrive
writable = yes
create mode = 0600
directory mask = 0700
force user = smb
write list = @home, mighty
|
As you can see, I added the user smb, this user has full access to my share(s) (I only added an example, whole smb.conf is too large). I added the user with smbpasswd (-n to avoid the user/password box).
That's enough security for my home network... =)
When I try to connect (from the domain controller) the user / password box appears. Even if I put in smb as user i cannot connect.
Because of that problem I changed the password. After trying to connect again, I get the box again and can connect as smb / <password>
But there is another hing which makes it really interessting. When I try to connect as a user the domain controller don't know, in the log file appears a message that the user can not be found... When I use a known user no message appears in the log..........
I tried a lot of things, read all documentations I found but I wasn't able to solve the problem.
Hope somebody can help me...
Thx...
P.S.: Sorry about my english, I'm german...... =) |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
SirJoltalot n00b
![n00b n00b](/images/ranks/rank_rect_0.gif)
![](images/avatars/gallery/StarCraft/starcraft_protoss_carrier.gif)
Joined: 11 Aug 2002 Posts: 30 Location: Toronto, Canada
|
Posted: Sat May 24, 2003 4:49 am Post subject: smbpasswd |
|
|
The user smb - which password did you change? When you use samba, there are sort of "two" users. One UNIX user and one Samba user. There is a way to link them together, so that changes to the UNIX user affect the Samba user, but I can't remember precisely what it is.
So you'll need to use smbpasswd to add a Samba user 'smb', and give that user the password you want.
In general, what I do for Samba-only users is setup a UNIX user with no password, no homedir (maybe you want them to have a homedir for Samba, up to you) and no shell (or /bin/false as shell). Then they can't login on the console, so the lack of password doesn't matter too much. I also make sure they're not in any important groups, like wheel or anything. Then just use smbpasswd to add a Samba user with the same username, and set the password there.
I think that might be your problem, but maybe you knew that already... _________________ "The degree to which life sucks is directly proportional to your blood/caffeine ratio" |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
pZYchO n00b
![n00b n00b](/images/ranks/rank_rect_0.gif)
Joined: 28 Apr 2003 Posts: 61
|
Posted: Sat May 24, 2003 5:19 pm Post subject: |
|
|
Hi
unfortunately that's not the problem. I know what you are talking about. But I have another Problem.
Winbind creates the link between unix and windows users (domain users). That works for me, I can even login to unix with a windows user (DOMAIN+USER), the password is the same (like from win client).
With wbinfo -u I can see all users, with winbind -g all goups (on domain controller), but winbind doesn't add the users to unix (getent passwd, getent group doesn't show the domain users / groups).
That the problem.
What I really can't understand is, that wbinfo can resolve domain users to unix uids... They are in the range I gave winbind in smb.conf.........
If somebody had the problem, or have an idea please advise me......... |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
pZYchO n00b
![n00b n00b](/images/ranks/rank_rect_0.gif)
Joined: 28 Apr 2003 Posts: 61
|
Posted: Mon May 26, 2003 10:11 am Post subject: |
|
|
Ok, now it works... I don't know why and how, but it works... =) I remerged the package, because of acl support.......
That's my next Problem, anyone expirience on setting up acl support. If possible I want to use reiserfs....... |
|
Back to top |
|
![](templates/gentoo/images/spacer.gif) |
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|