Re: [Samba] Samba version 3.0.23d-1 and joining a Windows Domain
On Tuesday 02 January 2007 01:29, Bryan Jones wrote: > All, > > I installed the new version of samba on my Redhat 9.0 server. I have samba running on another Redhat 9.0 server and the version of samba on that box is 3.0.21c-1 and this server has successfully joined a W2K Domain. I am trying to migrate the data from the host that works to the new host. You need really security = DOMAIN (not ADS)? That is mean you select NT-style auth (pre-Windows 2000, didn't use Kerberos). 1. Had you have started winbind? 2. wbinfo -p? 3.In DC appeared your server object? -- With Best Regards. Rashid N. Achilov (RNA1-RIPE), Web: http://www.askd.ru/~shelton OOO "ACK" telecommunications administrator, e-mail: achilov-rn [at] askd.ru PGP: 83 CD E2 A7 37 4A D5 81 D6 D6 52 BF C9 2F 85 AF 97 BE CB 0A -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba version 3.0.23d-1 and joining a Windows Domain
Shouldn't security = DOMAIN be ADS instead? 1 jan 2007 kl. 20:29 skrev Bryan Jones: All, I installed the new version of samba on my Redhat 9.0 server. I have samba running on another Redhat 9.0 server and the version of samba on that box is 3.0.21c-1 and this server has successfully joined a W2K Domain. I am trying to migrate the data from the host that works to the new host. Here are the steps that I have taken to try and join to the domain. 1. rpm -i -vv samba-3.0.23d-1.i386.rpm 2. vi /etc/samba/smb.conf [global] netbios name = snow workgroup = STORM server string = Samba Server realm = STORM.THEBUC.COM security = DOMAIN winbind separator = + idmap uid = 10-20 idmap gid = 10-20 winbind enum users = yes winbind enum groups = yes load printers = no encrypt passwords = yes dns proxy = no log level = 10 syslog = 0 log file = /var/log/samba/%m max log size = 500 smb ports = 139 445 name resolve order = hosts wins bcast wins server = 192.168.110.3 [software] comment = Software path = /d0/shares/software read only = No browseable = No guest ok = No [spreadsheets] comment = Spreadsheets path = /d0/shares/spreadsheets read only = No browseable = No guest ok = No [work] comment = Data from Work path = /d0/shares/work read only = No browseable = No guest ok = No 3. vi /etc/hosts 192.168.110.50 snow 192.168.110.3 cyclone 4. testparm SNOW# testparm Load smb config files from /etc/samba/smb.conf Processing section "[software]" Processing section "[spreadsheets]" Processing section "[work]" Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions 5. /etc/init.d/smb start 6. net rpc join -U Administrator -S cyclone Password: Joined domain STORM. 7. vi /etc/nsswitch.conf passwd: compat winbind group: compat winbind hosts: files dns wins 8. service smb stop 9. nmbd ; smbd ; winbindd 10. wbinfo -u Error looking up domain users 11. wbinfo -t checking the trust secret via RPC calls succeeded 12. wbinfo --own-domain STORM 13. net rpc info -U Administrator Password: Domain Name: STORM Domain SID: S-1-5-21-2982344105-4110734383-1059044574 Sequence number: 719 Num users: 34 Num domain groups: 0 Num local groups: 10 14. nmbd; smbd -i -d 3 Maximum core file size limits now 16777216(soft) -1(hard) get_current_groups: user is in 1 groups: 0 smbd version 3.0.23d started. Copyright Andrew Tridgell and the Samba Team 1992-2006 uid=0 gid=0 euid=0 egid=0 lp_load: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/etc/samba/ smb.conf" Processing section "[global]" Processing section "[software]" Processing section "[spreadsheets]" Processing section "[work]" adding IPC service reloading printcap cache reload status: ok reloading printcap cache reload status: ok added interface ip=192.168.110.50 bcast=192.168.110.255 nmask=255.255.255.0 loaded services Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-22-1-0] get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-11] se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_chec
[Samba] Samba version 3.0.23d-1 and joining a Windows Domain
All, I installed the new version of samba on my Redhat 9.0 server. I have samba running on another Redhat 9.0 server and the version of samba on that box is 3.0.21c-1 and this server has successfully joined a W2K Domain. I am trying to migrate the data from the host that works to the new host. Here are the steps that I have taken to try and join to the domain. 1. rpm -i -vv samba-3.0.23d-1.i386.rpm 2. vi /etc/samba/smb.conf [global] netbios name = snow workgroup = STORM server string = Samba Server realm = STORM.THEBUC.COM security = DOMAIN winbind separator = + idmap uid = 10-20 idmap gid = 10-20 winbind enum users = yes winbind enum groups = yes load printers = no encrypt passwords = yes dns proxy = no log level = 10 syslog = 0 log file = /var/log/samba/%m max log size = 500 smb ports = 139 445 name resolve order = hosts wins bcast wins server = 192.168.110.3 [software] comment = Software path = /d0/shares/software read only = No browseable = No guest ok = No [spreadsheets] comment = Spreadsheets path = /d0/shares/spreadsheets read only = No browseable = No guest ok = No [work] comment = Data from Work path = /d0/shares/work read only = No browseable = No guest ok = No 3. vi /etc/hosts 192.168.110.50 snow 192.168.110.3 cyclone 4. testparm SNOW# testparm Load smb config files from /etc/samba/smb.conf Processing section "[software]" Processing section "[spreadsheets]" Processing section "[work]" Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions 5. /etc/init.d/smb start 6. net rpc join -U Administrator -S cyclone Password: Joined domain STORM. 7. vi /etc/nsswitch.conf passwd: compat winbind group: compat winbind hosts: files dns wins 8. service smb stop 9. nmbd ; smbd ; winbindd 10. wbinfo -u Error looking up domain users 11. wbinfo -t checking the trust secret via RPC calls succeeded 12. wbinfo --own-domain STORM 13. net rpc info -U Administrator Password: Domain Name: STORM Domain SID: S-1-5-21-2982344105-4110734383-1059044574 Sequence number: 719 Num users: 34 Num domain groups: 0 Num local groups: 10 14. nmbd; smbd -i -d 3 Maximum core file size limits now 16777216(soft) -1(hard) get_current_groups: user is in 1 groups: 0 smbd version 3.0.23d started. Copyright Andrew Tridgell and the Samba Team 1992-2006 uid=0 gid=0 euid=0 egid=0 lp_load: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[global]" Processing section "[software]" Processing section "[spreadsheets]" Processing section "[work]" adding IPC service reloading printcap cache reload status: ok reloading printcap cache reload status: ok added interface ip=192.168.110.50 bcast=192.168.110.255 nmask=255.255.255.0 loaded services Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-22-1-0] get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-11] se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: als