I'm hoping someone has seen this before and knows how to resolve it.
I am using samba 3.2.4 with a Windows 2008 AD. Samba is configured with
security = ADS and works correctly from computers logged into the domain,
but does not allow users that are not in the domain to login by specifying
their username, without domain included, when trying to access a share. The
user can access the share when they specify DOMAINNAME\USERNAME.
I have tried using a user map and user map script, but neither one seem to
resolve this issue.
Does anyone know how to make samba add the DOMAINNAME to the username before
passing it to the domain controller?
Thanks
-Russ
Details:
This system is running solaris 10, which has an underlying nis providing
user information.
Smb.conf global section:
[global]
workgroup = DOMAINNAME
netbios name = servername
netbios aliases = servername2
server string = TEST Samba Server
os level = 0
domain master = no
local master = no
realm = FQDNINCAPS
security = ADS
encrypt passwords = Yes
restrict anonymous = 2
krb5.conf:
[libdefaults]
default_realm = FQDNINCAPS
[realms]
FQDNINCAPS = {
kdc = domaincontroller
}
[domain_realms]
.kerberos.server = FQDNINCAPS
Software versions:
openssl 0.9.8k
krb5 1.7, MIT
openldap 2.4.16
samba 3.2.4
--
+--
| Russ Ward
+--
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba