Folks -- thanks for all your help -- I have gotten the SAMBA AUTHENTICATION problem resolved -- I rebuilt the machine --
That machine has had as many as 5 different samba configs on it over the last 3 months as I have tried to get things figured out to make it work right. So now that I had a known working configuration, I just needed to clean all the other junk up Thanks so much for all your help I still have a few questions about how to configure permissions which I posted earlier, if anyone can help out, I would appreciate it TIM Timothy A. Holmes IT Manager / Webmaster / Science Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 Timothy A. Holmes IT Manager / Webmaster / Science Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:samba- > [EMAIL PROTECTED] On Behalf Of Tim Holmes > Sent: Thursday, July 21, 2005 1:29 PM > To: samba@lists.samba.org > Subject: [Samba] Samba / AD authentication - one machine only !!!! > > Hi Folks: > > I am continuing to work on the samba problems. This is a weird one!!! > > I have 3 servers with samba running: > > 2 of them work perfectly and the third one refuses to authenticated > > I am seeing a lot of the following error > > [2005/07/21 12:58:21, 0] lib/util_sock.c:get_peer_addr(1000) > getpeername failed. Error was Transport endpoint is not connected > > > Googleing around has found that it seems to be related to DNS issues, > but that makes no sense, since the two other servers running identical > [global] sections (only differences are machine names etc) and krb5 > configurations are working fine > > The web server works cool > The testbed server works kool > > When I try to access the file server, it asks for authentication > > Kinit shows no errors, so I assume that's working right > > > Here is the smb.conf > [global] > log file = /var/log/samba/%m.log > idmap gid = 10000-40000 > socket options = SO_RCVBUF=8192 > wins server = 192.168.0.2 > domain master = No > realm = MCASCHOOL.NET > netbios name = srvfs-01 > server string = MCA File Server (test conf) > password server = srvdc01.mcaschool.net > idmap uid = 10000-40000 > winbind enum users = yes > winbind nested groups = Yes > local master = No > workgroup = MCASCHOOL > os level = 20 > winbind enum groups = yes > security = ads > preferred master = no > > [users] > path = /home > read only = No > > > here is the nsswitch.conf > > # > # /etc/nsswitch.conf > # > # An example Name Service Switch config file. This file should be # > sorted with the most-used services at the beginning. > # > # The entry '[NOTFOUND=return]' means that the search for an # entry > should stop if the search in the previous entry turned # up nothing. > Note that if the search failed due to some other reason # (like no NIS > server responding) then the search continues with the # next entry. > # > # Legal entries are: > # > # nisplus or nis+ Use NIS+ (NIS version 3) > # nis or yp Use NIS (NIS version 2), also called YP > # dns Use DNS (Domain Name Service) > # files Use the local files > # db Use the local database (.db) files > # compat Use NIS on compat mode > # hesiod Use Hesiod for user lookups > # [NOTFOUND=return] Stop searching if not found so far > # > > # To use db, put the "db" in front of "files" for entries you want to be > # looked up first in the databases # # Example: > #passwd: db files nisplus nis > #shadow: db files nisplus nis > #group: db files nisplus nis > > passwd: files compat winbind > shadow: compat > group: files compat winbind > > #hosts: db files nisplus nis dns > hosts: files dns winbind > > # Example - obey only what nisplus tells us... > #services: nisplus [NOTFOUND=return] files > #networks: nisplus [NOTFOUND=return] files > #protocols: nisplus [NOTFOUND=return] files > #rpc: nisplus [NOTFOUND=return] files > #ethers: nisplus [NOTFOUND=return] files > #netmasks: nisplus [NOTFOUND=return] files > > bootparams: nisplus [NOTFOUND=return] files > > ethers: files > netmasks: files > networks: files > protocols: files winbind > rpc: files > services: files winbind > > netgroup: files winbind > > publickey: nisplus > > automount: files winbind > aliases: files nisplus > > > > > > And the /etc/krb5.conf > > > [libdefaults] > default_realm = MCASCHOOL.NET > > [realms] > MCASCHOOL.NET = { > kdc = srvdc01.mcaschool.net > } > > [domain_realm] > .mcaschool.net = MCASCHOOL.NET > mcaschool.net = MCASCHOOL.NET > > > > here is the /etc/hosts > > # Do not remove the following line, or various programs # that require > network functionality will fail. > 127.0.0.1 srvfs-01 localhost.localdomain localhost > 192.168.0.5 srvfs-01 srvfs-01.mcaschool.net srvfs-01 > > > > And last but not least the /etc/resolv.conf > > domain mcaschool.net > nameserver 192.168.0.2 > > > > This one has me totally stumped, because one of the servers that is > running is running an exactly identical hardware set > > Any suggestions would be most helpful > > > > Timothy A. Holmes > > IT Manager / Webmaster / Science Teacher > > Medina Christian Academy > A Higher Standard... > > Jeremiah 33:3 > Jeremiah 29:11 > Esther 4:14 > > Timothy A. Holmes > > IT Manager / Webmaster / Science Teacher > > Medina Christian Academy > A Higher Standard... > > Jeremiah 33:3 > Jeremiah 29:11 > Esther 4:14 > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba