[Samba] Access denied-message when joining domain

2007-07-13 Thread Huyth Jenssen 

Hello list.

I have Samba working as a PDC, but when I try to join from a XP computer I
get the message: Access denied. The message appears right after I change
the domain name in the XP network settings and the login window pops up.
My smb.conf is:

[global]
   workgroup = DOMAIN.NAME
   server string = %h server (Samba, Ubuntu)
   obey pam restrictions = Yes
   passdb backend = ldapsam:ldap://127.0.0.1
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
   syslog = 0
   log file = /var/log/samba/log.%m
   max log size = 1000
   logon script = logon.bat
   logon path = \\%N\profiles
   logon drive = H:
   logon home = \\%N\%U\data
   domain logons = Yes
   dns proxy = No
   wins support = Yes
   ldap admin dn = cn=admin,dc=domain,dc=name
   ldap group suffix = ou=groups
   ldap machine suffix = ou=machines
   ldap passwd sync = Yes
   ldap suffix = dc=domain,dc=name
   ldap user suffix = ou=users
   panic action = /usr/share/samba/panic-action %d
   invalid users = root

[homes]
   comment = Home Directories
   path = /home/%S/data
   valid users = %S
   read only = No
   create mask = 0600
   directory mask = 0700
   browseable = No

[netlogon]
   comment = Network Logon Service
   path = /data/samba/netlogon
   write list = @admins
   guest ok = Yes
   share modes = No

[profiles]
   comment = Users profiles
   path = /home/%U/profiles
   read only = No
   create mask = 0600
   directory mask = 0700
   browseable = No

[printers]
   comment = All Printers
   path = /var/spool/samba
   create mask = 0700
   printable = Yes
   browseable = No

[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers



Also, I'm not quite sure if I need a domain. All I want to do is to create
different users with different rights, the data stored will be the same for
everybody, just different rights. Two printers will be shared and I want
everybody to have access to them.  I also want the users to be able to log
in from any computer in the network. Do I need a domain or can this be
solved in another way?

Thankful for any responses.
  Huyth
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Access denied-message when joining domain

2007-07-13 Thread Jason Baker 

I also want the users to be able to log
in from any computer in the network.
This is called roaming profiles, and you will need a domain in order to 
do this, otherwise the user's desktop will not follow them to different 
computers.


*Jason Baker
*/IT Coordinator/


*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.
www.glastender.com http://www.glastender.com

-BEGIN GEEK CODE BLOCK- 
Version: 3.1

GIT$ d- s: a C++$ LU+++$ P+ L++L !E--- W+++ N o? K?
w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h--- 
r+++ y+++

--END GEEK CODE BLOCK--



Huyth Jenssen wrote:

Hello list.

I have Samba working as a PDC, but when I try to join from a XP 
computer I
get the message: Access denied. The message appears right after I 
change

the domain name in the XP network settings and the login window pops up.
My smb.conf is:

[global]
   workgroup = DOMAIN.NAME
   server string = %h server (Samba, Ubuntu)
   obey pam restrictions = Yes
   passdb backend = ldapsam:ldap://127.0.0.1
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
   syslog = 0
   log file = /var/log/samba/log.%m
   max log size = 1000
   logon script = logon.bat
   logon path = \\%N\profiles
   logon drive = H:
   logon home = \\%N\%U\data
   domain logons = Yes
   dns proxy = No
   wins support = Yes
   ldap admin dn = cn=admin,dc=domain,dc=name
   ldap group suffix = ou=groups
   ldap machine suffix = ou=machines
   ldap passwd sync = Yes
   ldap suffix = dc=domain,dc=name
   ldap user suffix = ou=users
   panic action = /usr/share/samba/panic-action %d
   invalid users = root

[homes]
   comment = Home Directories
   path = /home/%S/data
   valid users = %S
   read only = No
   create mask = 0600
   directory mask = 0700
   browseable = No

[netlogon]
   comment = Network Logon Service
   path = /data/samba/netlogon
   write list = @admins
   guest ok = Yes
   share modes = No

[profiles]
   comment = Users profiles
   path = /home/%U/profiles
   read only = No
   create mask = 0600
   directory mask = 0700
   browseable = No

[printers]
   comment = All Printers
   path = /var/spool/samba
   create mask = 0700
   printable = Yes
   browseable = No

[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers



Also, I'm not quite sure if I need a domain. All I want to do is to 
create
different users with different rights, the data stored will be the 
same for

everybody, just different rights. Two printers will be shared and I want
everybody to have access to them.  I also want the users to be able to 
log

in from any computer in the network. Do I need a domain or can this be
solved in another way?

Thankful for any responses.
  Huyth

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba