I am trying to set up Samba 3.0.1 to be a member of Active Directory.
The setup is very simple: There is one Windows 2003 AD server on the network. Samba is running on FreeBSD 5.1R.
So far, I can successfully join the domain (using net ads join -U Administrator), and I can use kinit / smbclient successfully against the Windows domain controller (kinit [EMAIL PROTECTED] followed by smbclient -L \\host -k). However, whenever I try to authenticate against the machine running Samba from a Windows domain client, I get prompted for a username and password. Even if I enter in a valid domain username and password, Samba says that the password is incorrect.
Here is my smb.conf:
[global]
server string = Samba 3.0 security = ads load printers = yes log file = /var/log/samba/log.%m max log size = 500 workgroup = REQUEST
realm = CORP.REQUEST.COM encrypt passwords = yes debuglevel = 100 socket options = TCP_NODELAY local master = no
wins support = yes wins server = 10.1.8.7
client use spnego = yes
A full debug log can be found at http://www.aosda.net/samba.txt .
I am confused by the fact that the logs seem to indicate it is using NTLM authentication - I thought with security = ads it was only supposed to use Kerberos?
Also, is it possible to use security = ads along with nss_ldap (i.e. Samba would get a static uid/gid/etc from an AD server for local use)? I suppose I am a bit confused as to how these different parts work together. Essentially, I want statically mapped uid/gid's and usernames
across all machines.
Thanks for any help or pointers to documentation,
-Justin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
