[Samba] net ads join error
This is more than likely a rookie config problem but when I try to add the server to the ADS domain with: $net ads join I get: [*DATESTAMP*] libads/kerberos.c:get_service_tickets(335) get_service_ticket: kerberos_kinit_password [EMAIL PROTECTED] failed: Preauthentication failed Segmentation fault Redhat ES 3. samba-3.0.10 my /etc/krb5.conf was taken from another machine that it works on.. same os.. same samba level... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] User authentication to AD200X, need local users?
I am trying to get user authentication in a 200X AD to have domain users see the samba shares (RH ES3, samba 3.0.9-1). I can see the shares, but when I try to access any of the shares, I get prompted for a username and password and this is what shows up in the log.winbindd file --- [2004/12/29 08:17:37, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'robl' does not exist [2004/12/29 08:17:37, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'ROBL' does not exist [2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'luser-ibmlptp2$' does not exist [2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'luser-ibmlptp2$' does not exist [2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'LUSER-IBMLPTP2$' does not exist - robl the user I'm logged into and LUSER-IBMLPTP2 is the computer name. I can get a listing of the domain users from the linux machine with the wbinfo command: - [EMAIL PROTECTED] samba]# wbinfo -u TESTER+Administrator TESTER+Guest TESTER+SUPPORT_388945a0 TESTER+TEST1$ TESTER+krbtgt TESTER+pauld TESTER+robl TESTER+tester1 TESTER+tester2 TESTER+tester3 TESTER+TEST2$ TESTER+gort$ TESTER+LUSER-IBMLPTP2$ -- It may be that I have to config another file in pam.d. here is my pam.d/samba and pam.d/login files (respectively) #%PAM-1.0 auth sufficient pam_winbind.so auth required pam_unix.so nullok accountsufficient pam_winbind.so accountrequired pam_unix.so sessionrequired pam_unix.so password required pam_unix.so -- #%PAM-1.0 auth required pam_securetty.so auth required pam_stack.so service=system-auth auth required pam_nologin.so accountrequired pam_stack.so service=system-auth password required pam_stack.so service=system-auth sessionrequired pam_stack.so service=system-auth sessionoptional pam_console.so --- and smb.conf... - [global] netbios name = Gort server string = Gort workgroup = TESTER os level = 20 encrypt passwords = yes security = ADS password server = test1.tester.randd.com realm = TESTER.RANDD.COM winbind separator = + winbind uid = 1-2 winbind gid = 1-2 winbind enum groups = yes winbind enum users = yes [space] comment = Test Share browseable = yes writeable = yes public = yes any input would be great. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SUMMARY:Re: User authentication to AD200X, need local users?
getent passwd gave me local users only. In my nsswitch.conf file I had passwd: winbind compat shadow: winbind compat group: winbind compat I changed that to passwd: files winbind shadow: files group: files winbind and everything is happy. thanks jht for the brain-jar On Wed, 29 Dec 2004 08:26:51 -0800, spike1197 [EMAIL PROTECTED] wrote: I am trying to get user authentication in a 200X AD to have domain users see the samba shares (RH ES3, samba 3.0.9-1). I can see the shares, but when I try to access any of the shares, I get prompted for a username and password and this is what shows up in the log.winbindd file --- [2004/12/29 08:17:37, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'robl' does not exist [2004/12/29 08:17:37, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'ROBL' does not exist [2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'luser-ibmlptp2$' does not exist [2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'luser-ibmlptp2$' does not exist [2004/12/29 08:17:53, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(161) user 'LUSER-IBMLPTP2$' does not exist - robl the user I'm logged into and LUSER-IBMLPTP2 is the computer name. I can get a listing of the domain users from the linux machine with the wbinfo command: - [EMAIL PROTECTED] samba]# wbinfo -u TESTER+Administrator TESTER+Guest TESTER+SUPPORT_388945a0 TESTER+TEST1$ TESTER+krbtgt TESTER+pauld TESTER+robl TESTER+tester1 TESTER+tester2 TESTER+tester3 TESTER+TEST2$ TESTER+gort$ TESTER+LUSER-IBMLPTP2$ -- It may be that I have to config another file in pam.d. here is my pam.d/samba and pam.d/login files (respectively) #%PAM-1.0 auth sufficient pam_winbind.so auth required pam_unix.so nullok accountsufficient pam_winbind.so accountrequired pam_unix.so sessionrequired pam_unix.so password required pam_unix.so -- #%PAM-1.0 auth required pam_securetty.so auth required pam_stack.so service=system-auth auth required pam_nologin.so accountrequired pam_stack.so service=system-auth password required pam_stack.so service=system-auth sessionrequired pam_stack.so service=system-auth sessionoptional pam_console.so --- and smb.conf... - [global] netbios name = Gort server string = Gort workgroup = TESTER os level = 20 encrypt passwords = yes security = ADS password server = test1.tester.randd.com realm = TESTER.RANDD.COM winbind separator = + winbind uid = 1-2 winbind gid = 1-2 winbind enum groups = yes winbind enum users = yes [space] comment = Test Share browseable = yes writeable = yes public = yes any input would be great. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba