John H Terpstra wrote:
On Wed, 12 Nov 2003, Brandon Lederer wrote:
I Have a "nobody" account. However I didn't have that line in there, or
rather it was commented out. So, I uncommented it, restarted samba and
winbind to no avail. No luck with the magic crystal this time. So that
we have a clear distinct crystal, I will paste my smb.conf file. My bad.
Comments removed.
Ok. Much better info this time! :)
You are configured to be a domain member, therefor you do not need tdbsam. Also, since you are not doing local authentication you should not specify "obey pam restrictions". Both "password chat" and "passwd bprogram" are not relevant for a Domain Member.
So, comment out the lines above and it should work.
Cheers, John T.
[global] workgroup = HMS server string = %h server (Samba %v) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = domain encrypt passwords = true passdb backend = tdbsam guest obey pam restrictions = yes guest account = nobody invalid users = root passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 idmap uid = 10000-20000 idmap gid = 10000-20000 template shell = /bin/false winbind separator = +
[data] path = /data public = yes
John H Terpstra wrote:
On Fri, 7 Nov 2003, Brandon Lederer wrote:
Brandon,I have set up winbind, made the nsswitch settings, joined the current NT Domain, got back the message that said "Welcome to Domain". When I try to access the PC, it brings up IPC$ and wants a password. The log for that workstation says "PAM: UNKNOWN PAM ERROR (9) during Account Management for User: Domain+USERNAME!" Then it says "PAM: Account Validation Failed - Rejecting User Domain+USERNAME!"
Does anyone have any helpful ideas?
You are asking us to exercise our worn-out crystal balls by not providing your smb.conf file, so here goes:
My guess is that your UNIX system does NOT have an account called "nobody". I guess also that given that your system does not have a nobody account, you also do not have the following entry in your smb.conf file [globals] section:
guest account = 'a_valid_unix_account'
So let me know, did my crystal ball work this time. Dang, it's been so unreliable lately! :)
- John T.
-- Brandon Lederer Linux Administrator Cashflow Billing Solutions (402) 898-2600 x334
**********CONFIDENTIALITY STATEMENT**********
This e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. It is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this email is not the intended recipient, or agent responsible for delivering or copying of this communication, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please reply to the sender that you have received the message in error, then delete it. Thank you.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
