[Samba] Samba 3 & ADS: nobody can log in

2003-10-12 Thread Ron Gage
Well, I got past the part about the "ads server" parameter...  :)

Now, it appears that nobody in the AD Domain can log into (and use) any 
resources on the Samba share.

If I set "security = ads" on Samba, then nobody can log into the server - 
period.

A couple of silly questions at this point (before I go completely mad)...

1) Is there any requirement that LDAP be functioning on the Samba machine?
2) Are there any hidden dependencies (like PAM) that are required to make this 
work?

More background:  The Samba machine has successfully joined the domain (it 
shows up in AD Users and Computers), kinit works fine when logging in as 
Administrator.

Here is the dump from klist:

[EMAIL PROTECTED]:~# klist -e
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [EMAIL PROTECTED]

Valid starting     Expires            Service principal
10/11/03 21:25:32  10/12/03 07:25:34  krbtgt/[EMAIL PROTECTED]
        renew until 10/12/03 21:25:32, Etype (skey, tkt): ArcFour with HMAC/md5, ArcFour with HMAC/md5
10/11/03 21:34:16  10/12/03 07:25:34  [EMAIL PROTECTED]
        renew until 10/12/03 21:25:32, Etype (skey, tkt): ArcFour with HMAC/md5, ArcFour with HMAC/md5


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
[EMAIL PROTECTED]:~#


Here is the top of my smb.conf:

[global]

   workgroup = RONGAGE
   netbios name = RAID
   server string = Samba Server
   load printers = no
   idmap uid = 1-2
   idmap gid = 1-2
   winbind enum users = yes
   winbind enum groups = yes
   template homedir = /home/%D/%U
   template shell = /bin/bash
   security = ads
   password server = domain.rongage.org
   encrypt passwords = yes
   realm = rongage.org


What the heck am I doing wrong here?

-- 
Ron Gage - LPIC1, A+, Net+
Pontiac, Michigan


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba


Re: [Samba] Samba 3 & ADS: nobody can log in

2003-10-12 Thread Rich Webb

- Original Message - 
From: "Ron Gage" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, October 12, 2003 1:32 PM


> Well, I got past the part about the "ads server" parameter...  :)
>
> Now, it appears that nobody in the AD Domain can log into (and use) any
> resources on the Samba share.
>
> If I set "security = ads" on Samba, then nobody can log into the server -
> period.
>
> A couple of silly questions at this point (before I go completely mad)...
>
> 1) Is there any requirement that LDAP be functioning on the Samba machine?
> 2) Are there any hidden dependencies (like PAM) that are required to make this
> work?
>
> More background:  The Samba machine has successfully joined the domain (it
> shows up in AD Users and Computers), kinit works fine when logging in as
> Administrator.
>

The way I understand it, LDAP and Kerberos need to be functioning for Samba
ADS integration to work.  Is there a compelling reason to use it in ADS
mode?  I use PAM and Winbind so I can control access from Windows 2k.  That
works quite well.

Rich
