[Samba] Newbie using John T's Examples (AD)

Fri, 04 Aug 2006 12:44:07 -0700 

I'm following along with John T's examples book and I'm still
befuddled on getting Samba working.

The server is Fedora Core 5, Samba 3.0.23a-1.fc5.1
PDC is W2K SP4 with AD

I basically copied/pasted the example smb.conf and nsswitch.conf to
get a basic working config. The lines "template primary group" gave
problems so I removed that one line.

I run testparm -s and get:

[EMAIL PROTECTED] samba]# testparm -s
Load smb config files from /etc/samba/smb.conf
Processing section "[shared]"
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
<<-- What's that all about?
Server role: ROLE_DOMAIN_MEMBER

Here's smb.conf as reported by testparm:

[global]
       unix charset = LOCALE
       workgroup = CONVEYORS
       realm = WWW.SYSTECCONVEYORS.COM
       server string = Cartman File Server
       security = ADS
       username map = /etc/samba/smbusers
       log level = 1
       syslog = 0
       log file = /var/log/samba/%m
       max log size = 50
       printcap name = CUPS
       ldap ssl = no
       idmap uid = 10000-20000
       idmap gid = 10000-20000
       template shell = /bin/bash
       winbind separator = +

[shared]
       comment = Shared Folder
       path = /home/shared
       read only = No
[EMAIL PROTECTED] samba]#

nsswitch.conf:

passwd:         files ldap
shadow:         files ldap
group:          files ldap

hosts:          files dns wins
networks:       files dns

services:       files
protocols:      files
rpc:            files
ethers:         files
netmasks:       files
netgroup:       files
publickey:      files

bootparams:     files
automount:      files
aliases:        files

The Fedora box joins properly.

[EMAIL PROTECTED] etc]# net ads join -UAdministrator%##########
Using short domain name -- CONVEYORS
Joined 'CARTMAN' to realm 'WWW.SYSTECCONVEYORS.COM'

I then start smb and winbind.

[EMAIL PROTECTED] etc]# /etc/rc.d/init.d/smb start
Starting SMB services:                                     [  OK  ]
Starting NMB services:                                     [  OK  ]
[EMAIL PROTECTED] etc]# /etc/rc.d/init.d/winbind start
Starting Winbind services:                                 [  OK  ]

On my XP-SP2 workstation I go to Network Neighborhood, and in
CONVEYORS I see the Fedora server there. I double click and it gives
me:

"\\CARTMAN is not accessible. You might not have permission ..." yadda
yadda yadda

wbinfo -u and wbinfo -g give me the names and groups as defined in the
AD realm. However as John writes in the examples getent passwd and
getent group do not. These just show me the linux groups and users and
nothing from the AD.

Ideas?

-- Mike
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Reply via email to