RE: [Samba] WINBIND HELP!!!!
I had a similar problem when I first set up winbind. Try adding this line to the smb.conf file: winbind use default domain = yes That'll automatically add "domain_" to the beginning of each user login attempt. Shannon Johnson Network Support Specialist / Systems Administrator Dept. of Mechanical and Nuclear Engineering 224 Reber Building University Park, PA 16802 Phone: (814) 865-8267 > -Original Message- > From: Sean Kennedy [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 27, 2004 4:14 PM > To: [EMAIL PROTECTED] > Subject: Re: [Samba] WINBIND HELP > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Talwar, Puneet (NIH/NIAID) wrote: > > |HI, > | > |I am trying to setup winbind on Samba 3.0.2 running on Red Hat AS 3.0. I > |have completed most of the steps of setting up winbind successfully > but when > |it came for me to login in using the AD account username and password, it > |didn't allow me to login. the error message i am getting is incorrect > |password or check username. During the setup i tested the wbinfo -u > command > |and i was successfully able to query the AD username list from the MS PDC > |server. > | > |if anyone is encountered similar problem i would glad to listen in on how > |fix this issue. > | > |thanks, > > Having never used RH AS 3, I'm not sure if this applies, nor do I know > what you've done thus far, but... > > Have you modified your pam files yet? > > - -- > Sean Kennedy > PGP public key: http://tpno.org/keys/0xFC1C377F.asc > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.3 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFAjr8PIjyA6vwcN38RAnReAJ0dA41kwEPOK+xb3RKSOHSM0Wia8QCfWMxq > yq0lgN+aaQyyzWaosrtSnko= > =b1Kv > -END PGP SIGNATURE- > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WINBIND HELP!!!!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Talwar, Puneet (NIH/NIAID) wrote: |HI, | |I am trying to setup winbind on Samba 3.0.2 running on Red Hat AS 3.0. I |have completed most of the steps of setting up winbind successfully but when |it came for me to login in using the AD account username and password, it |didn't allow me to login. the error message i am getting is incorrect |password or check username. During the setup i tested the wbinfo -u command |and i was successfully able to query the AD username list from the MS PDC |server. | |if anyone is encountered similar problem i would glad to listen in on how |fix this issue. | |thanks, Having never used RH AS 3, I'm not sure if this applies, nor do I know what you've done thus far, but... Have you modified your pam files yet? - -- Sean Kennedy PGP public key: http://tpno.org/keys/0xFC1C377F.asc -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAjr8PIjyA6vwcN38RAnReAJ0dA41kwEPOK+xb3RKSOHSM0Wia8QCfWMxq yq0lgN+aaQyyzWaosrtSnko= =b1Kv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind help
On Sat, 28 Feb 2004, =?iso-8859-1?Q? Stefan=20G=FCnther ?= wrote: > Hi, > > SuSE prefers to start the nscd which (my experience) blocks to access to the PDC. > /etc/init.d/nscd stop This has bitten me badly a few times also. Why do I keep forgetting to shut nscd off? Doh! - John T. > > was a pure success for me. > > Good luck. > > Stefan > > [EMAIL PROTECTED] schrieb am 28.02.04 02:48:27: > > > > I have a Suse 9 server setup with Samba 2.2.8 as the PDC. > > > > I would like to log the domain\username in the squid logs, so it looks > > like I will need to setup winbind and ntml to get this. > > > > Is there something special needed to be done when setting up winbind and > > samba to not go out to authenticate to an NT PDC? > > > > I currently have been able to get winbind setup to partially work. > > > > wbinfo -t works > > wbinfo -u works > > wbinfo -g works > > > > but once I try to authenticate a user, I get: > > > > winbindd[2580]: cli_pipe: return critical error. Error was Call timed > > out: server did not respond after 2 milliseconds > > > > in the /var/log/messages log. > > > > the funny part is, if I use an incorrect password on "wbinfo -a > > domain\\user%passwd" it will return imediately telling the password is > > wrong. > > > > Here is the important setting in smb.conf: > > > > #password server = * > > #security = domain > > winbind uid = 1-2 > > winbind gid = 1-2 > > #winbind use default domain = yes > > #winbind separator = + > > winbind enum users = yes > > winbind enum groups = yes > > > > I have tried various settings with "password server" and "security" with > > no luck, they are currently commented out. > > > > Help!!! > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > __ > Extra-Konto: 2,50 %* Zinsen p. a. ab dem ersten Euro! Nur hier mit 25 > Euro-Tankgutschein & ExtraPramie! https://extrakonto.web.de/?mc=021110 > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind help
Hi, SuSE prefers to start the nscd which (my experience) blocks to access to the PDC. /etc/init.d/nscd stop was a pure success for me. Good luck. Stefan [EMAIL PROTECTED] schrieb am 28.02.04 02:48:27: > > I have a Suse 9 server setup with Samba 2.2.8 as the PDC. > > I would like to log the domain\username in the squid logs, so it looks > like I will need to setup winbind and ntml to get this. > > Is there something special needed to be done when setting up winbind and > samba to not go out to authenticate to an NT PDC? > > I currently have been able to get winbind setup to partially work. > > wbinfo -t works > wbinfo -u works > wbinfo -g works > > but once I try to authenticate a user, I get: > > winbindd[2580]: cli_pipe: return critical error. Error was Call timed > out: server did not respond after 2 milliseconds > > in the /var/log/messages log. > > the funny part is, if I use an incorrect password on "wbinfo -a > domain\\user%passwd" it will return imediately telling the password is > wrong. > > Here is the important setting in smb.conf: > > #password server = * > #security = domain > winbind uid = 1-2 > winbind gid = 1-2 > #winbind use default domain = yes > #winbind separator = + > winbind enum users = yes > winbind enum groups = yes > > I have tried various settings with "password server" and "security" with > no luck, they are currently commented out. > > Help!!! > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba __ Extra-Konto: 2,50 %* Zinsen p. a. ab dem ersten Euro! Nur hier mit 25 Euro-Tankgutschein & ExtraPramie! https://extrakonto.web.de/?mc=021110 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind help?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Ely wrote: | Hi there. | | I've posted a couple of winbind-related queries to the group over the | last couple of months, but have yet to get a reply. I've read the | official howto, as well as any other documentation I could get my hands | on, but am at an end to my personal understanding. | | Is there a separate mailinglist for winbind users, or have I simply | asked a question nobody knows the answer to? (my last question was | posted today). No. This is the right place. Just been noisy lately. I'll look at your previous post next. cheers, jerry ~ -- ~ Hewlett-Packard- http://www.hp.com ~ SAMBA Team -- http://www.samba.org ~ GnuPG Key http://www.plainjoe.org/gpg_public.asc ~ "You can never go home again, Oatman, but I guess you can shop there." ~--John Cusack - "Grosse Point Blank" (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/oqJhIR7qMdg1EfYRAp56AJ0fb0/I3hlYChPf3jls5Jhz/k7bawCg8hNQ HCYCyzpT6RGiHUlFN+ts3Oc= =/sEI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind help for newbie
I just tried it... It didn't error or anythingit just came back to a prompt... At which point I ran Wbinfo -m And still got LMCMIG For what it's worthThis is an NT4 domain. I noticed in the link you sent, it seemed to talk about a win2k domain Thanks for trying :-) (man this is frustrating) Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, December 16, 2002 2:55 PM To: LaSusa, Dan; [EMAIL PROTECTED] Subject: RE: [Samba] winbind help for newbie Have you run wbinfo -A Administrator%password ? http://marc.theaimsgroup.com/?l=samba&m=103848311516255&w=2 ~ Daniel > -Original Message- > From: LaSusa, Dan [mailto:[EMAIL PROTECTED]] > Sent: Saturday, December 14, 2002 11:30 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [Samba] winbind help for newbie > > > Following up with more info... > > When I run: > > ./winbindd -i -d 1 > winbindd version 2.2.7 started. > Copyright The Samba Team 2000-2001 > Added domain LMC (S-1-5-21-1530202311-1617714320-7473742) > getting trusted domain list > Added domain LMCMIG (S-1-5-21-1039822437-107361799-1990678075) > > So it looks like it's adding the LMC Domain (which is what I > want) but then > adds LMCMIG too (which if fine, but I don't really need) it > almost seems to > replace LMC with LMCMIG. > > When I then run > > wbinfo -m > > all I get is > > LMCMIG! > > I don't get it?!? > > Dan > > -----Original Message----- > From: LaSusa, Dan [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 12:46 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [Samba] winbind help for newbie > > > I joined the domain (LMC) with the following command > > Smbpasswd -j LMC -r LMC_EXC1 (this is our PDC) -U administrator > > I then got prompted for the password, I entered it > > And got the message "Joined the LMC Domain" > > Then I stopped and restarted the smb service > > Did a wbinfo -u and then -g and still got info for the LMCMIG domain. > > I then went into the smb.conf file, changed > > Password server = * > > To > > Password server = LMC_EXC1 > > Restarted smb > > Still got the info for LMCMIG > > Went back into smb.conf > > Changed > > Password server = LMC_EXC1 > > To > > Password server = (IP address of server) > > Restarted smb > > Still no luck. > > Does SMB or Winbind have the info cached somewhere? Is there > a way to flush > that cache??? > > Thanks for your help! > > -Original Message- > From: Errol Neal [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 12:26 PM > To: LaSusa, Dan > Subject: Re: [Samba] winbind help for newbie > > > At 11:44 AM 12/13/2002 -0500, you wrote: > >I've been looking thru manpages and online for help. > > > >I *think* I've got winbind mostly setup (somehow) but it seems to be > >using the wrong Domain. > > > >Some info: > >I am running RH7.3 > >Kernel 2.4.18-3 > >Samba 2.2.7 > > > >In my smb.conf file I have: > >[global] > > security = Domain > > workgroup = LMC > > > > winbind separator = + > > winbind uid = 1-2 > > winbind gid = 1-2 > > winbind enum users = yes > > winbind enum goups = yes > > winbind cache time = 10 > > > >In my nsswitch.conf file I have: > > > >passwd:files winbind > >shadow:files winbind > >group: files winbind > > > >When I do a wbinfo -u or -g I get the info for our LMCMIG domain. > > > >Why is it using the LMCMIG domain instead of what I have in the > >smb.conf file? How do I tell it to use LMC?? > > > >I am a newbie to all of this > > > >If I should be looking or asking elsewhereplease just let me > >know... > > > >Thanks for any help! > > > >Dan > > > > > You might want to try the password server parameter. How did > you join the > domain? Did you specifiy the IP address of the password server? > > > Errol > > > --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind help for newbie
Have you run wbinfo -A Administrator%password ? http://marc.theaimsgroup.com/?l=samba&m=103848311516255&w=2 ~ Daniel > -Original Message- > From: LaSusa, Dan [mailto:[EMAIL PROTECTED]] > Sent: Saturday, December 14, 2002 11:30 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [Samba] winbind help for newbie > > > Following up with more info... > > When I run: > > ./winbindd -i -d 1 > winbindd version 2.2.7 started. > Copyright The Samba Team 2000-2001 > Added domain LMC (S-1-5-21-1530202311-1617714320-7473742) > getting trusted domain list > Added domain LMCMIG (S-1-5-21-1039822437-107361799-1990678075) > > So it looks like it's adding the LMC Domain (which is what I > want) but then > adds LMCMIG too (which if fine, but I don't really need) it > almost seems to > replace LMC with LMCMIG. > > When I then run > > wbinfo -m > > all I get is > > LMCMIG! > > I don't get it?!? > > Dan > > -Original Message- > From: LaSusa, Dan [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 12:46 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [Samba] winbind help for newbie > > > I joined the domain (LMC) with the following command > > Smbpasswd -j LMC -r LMC_EXC1 (this is our PDC) -U administrator > > I then got prompted for the password, I entered it > > And got the message "Joined the LMC Domain" > > Then I stopped and restarted the smb service > > Did a wbinfo -u and then -g and still got info for the LMCMIG domain. > > I then went into the smb.conf file, changed > > Password server = * > > To > > Password server = LMC_EXC1 > > Restarted smb > > Still got the info for LMCMIG > > Went back into smb.conf > > Changed > > Password server = LMC_EXC1 > > To > > Password server = (IP address of server) > > Restarted smb > > Still no luck. > > Does SMB or Winbind have the info cached somewhere? Is there > a way to flush > that cache??? > > Thanks for your help! > > -Original Message- > From: Errol Neal [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 12:26 PM > To: LaSusa, Dan > Subject: Re: [Samba] winbind help for newbie > > > At 11:44 AM 12/13/2002 -0500, you wrote: > >I've been looking thru manpages and online for help. > > > >I *think* I've got winbind mostly setup (somehow) but it seems to be > >using the wrong Domain. > > > >Some info: > >I am running RH7.3 > >Kernel 2.4.18-3 > >Samba 2.2.7 > > > >In my smb.conf file I have: > >[global] > > security = Domain > > workgroup = LMC > > > > winbind separator = + > > winbind uid = 1-2 > > winbind gid = 1-2 > > winbind enum users = yes > > winbind enum goups = yes > > winbind cache time = 10 > > > >In my nsswitch.conf file I have: > > > >passwd:files winbind > >shadow:files winbind > >group: files winbind > > > >When I do a wbinfo -u or -g I get the info for our LMCMIG domain. > > > >Why is it using the LMCMIG domain instead of what I have in the > >smb.conf file? How do I tell it to use LMC?? > > > >I am a newbie to all of this > > > >If I should be looking or asking elsewhereplease just let me > >know... > > > >Thanks for any help! > > > >Dan > > > > > You might want to try the password server parameter. How did > you join the > domain? Did you specifiy the IP address of the password server? > > > Errol > > > --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind help for newbie
Following up with more info... When I run: ./winbindd -i -d 1 winbindd version 2.2.7 started. Copyright The Samba Team 2000-2001 Added domain LMC (S-1-5-21-1530202311-1617714320-7473742) getting trusted domain list Added domain LMCMIG (S-1-5-21-1039822437-107361799-1990678075) So it looks like it's adding the LMC Domain (which is what I want) but then adds LMCMIG too (which if fine, but I don't really need) it almost seems to replace LMC with LMCMIG. When I then run wbinfo -m all I get is LMCMIG! I don't get it?!? Dan -Original Message- From: LaSusa, Dan [mailto:[EMAIL PROTECTED]] Sent: Friday, December 13, 2002 12:46 PM To: '[EMAIL PROTECTED]' Subject: RE: [Samba] winbind help for newbie I joined the domain (LMC) with the following command Smbpasswd -j LMC -r LMC_EXC1 (this is our PDC) -U administrator I then got prompted for the password, I entered it And got the message "Joined the LMC Domain" Then I stopped and restarted the smb service Did a wbinfo -u and then -g and still got info for the LMCMIG domain. I then went into the smb.conf file, changed Password server = * To Password server = LMC_EXC1 Restarted smb Still got the info for LMCMIG Went back into smb.conf Changed Password server = LMC_EXC1 To Password server = (IP address of server) Restarted smb Still no luck. Does SMB or Winbind have the info cached somewhere? Is there a way to flush that cache??? Thanks for your help! -Original Message- From: Errol Neal [mailto:[EMAIL PROTECTED]] Sent: Friday, December 13, 2002 12:26 PM To: LaSusa, Dan Subject: Re: [Samba] winbind help for newbie At 11:44 AM 12/13/2002 -0500, you wrote: >I've been looking thru manpages and online for help. > >I *think* I've got winbind mostly setup (somehow) but it seems to be >using the wrong Domain. > >Some info: >I am running RH7.3 >Kernel 2.4.18-3 >Samba 2.2.7 > >In my smb.conf file I have: >[global] > security = Domain > workgroup = LMC > > winbind separator = + > winbind uid = 1-2 > winbind gid = 1-2 > winbind enum users = yes > winbind enum goups = yes > winbind cache time = 10 > >In my nsswitch.conf file I have: > >passwd:files winbind >shadow:files winbind >group: files winbind > >When I do a wbinfo -u or -g I get the info for our LMCMIG domain. > >Why is it using the LMCMIG domain instead of what I have in the >smb.conf file? How do I tell it to use LMC?? > >I am a newbie to all of this > >If I should be looking or asking elsewhereplease just let me >know... > >Thanks for any help! > >Dan > You might want to try the password server parameter. How did you join the domain? Did you specifiy the IP address of the password server? Errol -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind help for newbie
I joined the domain (LMC) with the following command Smbpasswd -j LMC -r LMC_EXC1 (this is our PDC) -U administrator I then got prompted for the password, I entered it And got the message "Joined the LMC Domain" Then I stopped and restarted the smb service Did a wbinfo -u and then -g and still got info for the LMCMIG domain. I then went into the smb.conf file, changed Password server = * To Password server = LMC_EXC1 Restarted smb Still got the info for LMCMIG Went back into smb.conf Changed Password server = LMC_EXC1 To Password server = (IP address of server) Restarted smb Still no luck. Does SMB or Winbind have the info cached somewhere? Is there a way to flush that cache??? Thanks for your help! -Original Message- From: Errol Neal [mailto:[EMAIL PROTECTED]] Sent: Friday, December 13, 2002 12:26 PM To: LaSusa, Dan Subject: Re: [Samba] winbind help for newbie At 11:44 AM 12/13/2002 -0500, you wrote: >I've been looking thru manpages and online for help. > >I *think* I've got winbind mostly setup (somehow) but it seems to be >using the wrong Domain. > >Some info: >I am running RH7.3 >Kernel 2.4.18-3 >Samba 2.2.7 > >In my smb.conf file I have: >[global] > security = Domain > workgroup = LMC > > winbind separator = + > winbind uid = 1-2 > winbind gid = 1-2 > winbind enum users = yes > winbind enum goups = yes > winbind cache time = 10 > >In my nsswitch.conf file I have: > >passwd:files winbind >shadow:files winbind >group: files winbind > >When I do a wbinfo -u or -g I get the info for our LMCMIG domain. > >Why is it using the LMCMIG domain instead of what I have in the >smb.conf file? How do I tell it to use LMC?? > >I am a newbie to all of this > >If I should be looking or asking elsewhereplease just let me >know... > >Thanks for any help! > >Dan > You might want to try the password server parameter. How did you join the domain? Did you specifiy the IP address of the password server? Errol -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winbind help
> -Original Message- > From: Agus Santosa [mailto:agus.santosa@;telkom.net] > The message when I type : winbind -t is > > [root@att /]# wbinfo -t > Could not check secret > > Do you have any ideas?? I'd try re-joining the domain. Be sure to remove the machine account and create a new one, first, using Server Manager. Then use smbpasswd -j to join. (I've had better luck with this method than with trying to do the whole procedure automatically using smbpasswd.) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind help
Sir, The message when I type : winbind -t is [root@att /]# wbinfo -t Could not check secret Do you have any ideas?? Thank you, Agus Santosa On Tue, 29 Oct 2002 09:56:45 -0500 David Brodbeck <[EMAIL PROTECTED]> wrote: -Original Message- From: Agus Santosa [mailto:agus.santosa@;telkom.net] When I put 'wbinfo -u' always give me an error, can any one help me ?? ==> Error looking up domain users What do you get from 'wbinfo -t'? If it says 'Secret is bad', you aren't joined to the domain properly. = Ikuti polling TELKOM Memo 166 di www.plasa.com dan menangkan hadiah masing-masing Rp 250.000 tunai. = -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winbind help
> -Original Message- > From: Agus Santosa [mailto:agus.santosa@;telkom.net] > When I put 'wbinfo -u' > > always give me an error, can any one help me ?? > > ==> Error looking up domain users What do you get from 'wbinfo -t'? If it says 'Secret is bad', you aren't joined to the domain properly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind help
> Message: 4 > From: "Simeonidis, Steve" <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Date: Mon, 30 Sep 2002 16:48:52 +1000 > Subject: [Samba] Winbind help > > Hi everyone, > > I've been trying to use winbind in order to > connect to WinNT PDC for authenticating user and > also mapping user/group ids. > > We are using RH 7.3 Samba 2.2.3a > > I've followed the instruction provided in the document > "Unified Logons between WindowsNT and UNIX using Winbind" > > We only want to authenticate SAMBA users so I've skipped the > /etc/pam.d/* changes. > > This is the "impertant" entries of my smb.conf file >workgroup = groupserv_melb >netbios name = linux-smb >netbios aliases = linux-test > >winbind separator = + >winbind uid = 1-2 >winbind gid = 1-2 >winbind enum users = yes >winbind enum groups = yes >template homedir = /home/winnt/%D/%U >template shell = /bin/bash > >password server = 138.79.130.20 Rather use 'password server = *' for winbind >encrypt passwords = yes >smb passwd file = /etc/samba/smbpasswd >unix password sync = Yes >passwd program = /usr/bin/passwd %u > >add user script = /usr/sbin/useradd -d /home/winnt/%D/%U -s /bin/false -M > %U Don't use this. > > The domain has been joined using smbpasswd > > Here are my questions: > Everytime I enable domain logons on SAMBA and try the > "wbinfo -t" I get Bad secret > When the domain logons is disabled then the secret is good. You shouldn't have domain logons enabled with winbind in 2.2.x. > > if I type "wbinfo -u" I get all the domain users not a problem > the same with the "wbinfo -g" for groups. Even when wbinfo -t doesn't work? > > > Using the "add user script =" parameter trying to access the domain > using smbclient eg. > "smbclient //linux-smb/homes -W groupserv_melb -I 138.79.161.225 -U > tst-steve" > The home directory doesn't get created properly. The %D option is EMPTY. > The user gets created in passwd/group/shadow but the HOME directory > DOESN'T?? > > I get something like > tst-steve:x:10058:10058::/home/winnt//tst-steve:/bin/false > in the passwd file (with 2 // instead of the DOMAIN Name). Rather use pam_mkhomedir, and enable pam session support in smb.conf to force samba to use pam_mkhomedir. > > Also winbindd log file complains about port 445 on the PDC > [2002/09/30 16:02:24, 2] lib/util_sock.c:open_socket_out(858) > error connecting to 138.79.130.20:445 (Connection refused) > What does that port do? > This isn't relevant to your problem AFAIK. > > So what is the best way to do it if I want to authenticate the users from the > WindowsNT PDC and also give them access to SAMBA shares using the Windows > NT permissions? Install Mandrake 9.0 using a network install, you can join the domain during installation. If you can't do a network install, you may need to do some stuff manually. ACLs are supported on XFS and ext2/ext3 (but, you must choose 'acl' as a mount option for them before it will work). If you can't get 9.0, 8.2 with the Mandrake RPMs from ftp.samba.org will get you about the same place as a non-network install of 9.0, except only ACLs on XFS. To get ACLs on RH7.x, you need to get the install ISO from SGI's XFS site, or rebuild the kernel and samba yourselfwith acl support. I am not sure about 8.0. You will find some relevant files in either samba CVS or Mandrake CVS, with examples for using pam_mkhomedir etc. Some of this is covered in http://ranger.dnsalias.com/mandrake/muo/connect/csamba5.html#winbind Regards, Buchan -- |Registered Linux User #182071-| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba