nsswitch.conf shadow: files nis
passwd: compat group: compat hosts: files dns networks: files dns services: files ldap protocols: files rpc: files ethers: files netmasks: files netgroup: files ldap publickey: files bootparams: files automount: files aliases: files ldap passwd_compat: ldap group_compat: ldap On 3/27/07, Andrew Baudouin <andrewmb at gmail.com> wrote: > > Also, how about "*getent passwd* "? > > On 3/27/07, Andrew Baudouin <andrewmb at gmail.com> wrote: > > > > What's /etc/nsswitch.conf say? > > > > On 3/27/07, Tim Hallin < timhallin at gmail.com> wrote: > > > > > I setup up a samba server using SLES 10. I have joined an AD domain. > > > wbinfo -u - returns the AD user list, so I think winbind is working. In > > > Linux I can give domain users ownership of files (chown). When I setup a > > > share the Domain users can see the share but not login unless I remove > > > Samba > > > from the Domain and enter them locally (smbpasswd -a). It will not let > > > domain users access samba shares. I think Kerberos is working. I have used > > > Samba for years, this is my first attempt at using AD for authentication. > > > > > > Can a Samba member server directory join an Active Directory Domain or > > > does it need to connect through a Samba Domain Controller? Or Does my > > > first > > > Samba box need to a Domain Controller ? > > > > > > Thanks, > > > > > > Tim Hallin > > > > > > > > > > > > [global] > > > workgroup = FRANKLIN > > > realm = FRANKLIN.INT > > > server string = Windows Server 2003 > > > security = ADS > > > map to guest = Bad User > > > password server = DC1 DC2 > > > printcap name = cups > > > logon path = \\%L\profiles\.msprofile > > > logon drive = P: > > > logon home = \\%L\%U\.9xprofile > > > domain master = No > > > ldap ssl = no > > > idmap uid = 10000-20000 > > > idmap gid = 10000-20000 > > > winbind use default domain = Yes > > > winbind refresh tickets = yes > > > cups options = raw > > > include = /etc/samba/dhcp.conf > > > template homedir = /home/%D/%U > > > template shell = /bin/bash > > > > > > [profiles] > > > comment = Network Profiles Service > > > path = %H > > > read only = No > > > create mask = 0600 > > > directory mask = 0700 > > > store dos attributes = Yes > > > > > > [users] > > > comment = All users > > > path = /data/profiles > > > read only = No > > > inherit acls = Yes > > > veto files = /aquota.user/groups/shares/ > > > > > > [groups] > > > comment = All groups > > > path = /data/groups > > > read only = No > > > inherit acls = Yes > > > > > > [printers] > > > comment = All Printers > > > path = /var/tmp > > > create mask = 0600 > > > printable = Yes > > > browseable = No > > > > > > [print$] > > > comment = Printer Drivers > > > path = /var/lib/samba/drivers > > > write list = @ntadmin, root > > > force group = ntadmin > > > create mask = 0664 > > > directory mask = 0775 > > > > > > [test] > > > comment = test > > > path = /test > > > valid users = FRANKLIN\tth > > > write list = FRANKLIN\tth > > > read only = No > > > inherit acls = Yes > > > > > > _______________________________________________ > > > General mailing list > > > General at brlug.net > > > http://mail.brlug.net/mailman/listinfo/general_brlug.net > > > > > > > > > > _______________________________________________ > General mailing list > General at brlug.net > http://mail.brlug.net/mailman/listinfo/general_brlug.net > > -------------- next part -------------- An HTML attachment was scrubbed... URL: /pipermail/general_brlug.net/attachments/20070327/cae40da9/attachment.html
