samba + winbindd with NT-DC problem... i'm stuck.

Fri, 10 Oct 2003 03:29:34 -0700 

Hello Group,

I'm really stuck here.  I try to get an samba to authenticate it's users
nicely
against an NT-DC, which will later be upgraded to W2K or W2K3

My system : Suse 8.1, samba-2.2.5-80, samba-client-2.2.5-80

My test-config for smb:
[global]
    winbind separator = +
    winbind cache time = 0
    template shell = /bin/bash
    template homedir = /home/%D/%U
    winbind uid = 10000-20000
    winbind gid = 10000-20000
    workgroup = FOERDE
    security = domain
    encrypt passwords = Yes
    password server = SMSERVER SERVER01
[daten]
    path = /srv/samba/daten
    writeable = no
    write list = root FOERDE+300
    valid users = root 300 FOERDE+300 @FOERDE+218

winbindd runs as daemon, "wbinfo -u" and  "wbinfo -g"  gives the right
domain users & groups,
as well as "getent group"  and   "getent passwd".
strangely even ...
  # wbinfo -a foerde+300%password
works with an output of...
  plaintext password authentication succeeded
  error code was NT_STATUS_OK (0x0)
  challenge/response password authentication succeeded
  error code was NT_STATUS_OK (0x0)

I inserted in /etc/nsswitch.conf
  passwd: files winbind
  group:  files winbind
  shadow: files winbind nis
to activate winbind. I have not changed anything in PAM because I only need
Domain Users
to access Win-Shares, not to login or anything else.
But with ... :
  web1-50:~ # smbclient //web3-77/daten -U 300 -W foerde
i only get this output... :
  added interface ip=150.10.30.50 bcast=150.10.30.255 nmask=255.255.255.0
  added interface ip=10.1.110.20 bcast=10.1.110.255 nmask=255.255.255.0
  Password: *****
  Domain=[FOERDE] OS=[Unix] Server=[Samba 2.2.5]
  tree connect failed: NT_STATUS_WRONG_PASSWORD

Logfiles :
messages: nothing
log.winbind : nothing
log.smbd : nothing
log.nmbd : nothing

With a wrong PW i get logentries "Error was NT_STATUS_WRONG_PASSWORD."
which seems right. But nothing with right PW. Sadly no logon as well. My
Testuser is "300",
as you can see i tryed some different syntax for user in smb.conf as well as
in smbclient. No good.

What am I doing wrong ? Especially because "wbinfo -a" works, I thought I
was quite close.
But I didn't make any progress for days now..
What did I forget ?

Please Help..

Bj�rn Andersen

Reply via email to