I have been trying to setup a Samba 2.2.6 server on FreeBSD 4.7. I want to use my NT4 domain for authentication of users. I am getting confused reading all the documents as to whether I need PAM or not. I have installed Samba successfully and as far as I can tell it looks like it's working:
wbinfo -t returns "Secret is good" wbinfo -u returns a list of all my domain users wbinfo -g returns a list of all domain groups wbinfo -a mydomain+myuser%mypassword returns success for both plaintext and challenge/response - Do I have to use PAM if all I want is to access the following Samba share from my W2K clients? - Should I install Samba configured using --with-winbind, or --with-winbind-auth-challenge as well (I have tried both but neither work) - If I do need PAM, I am reading conflicting info from the /swat/help/PAM-Authentication-And-Samba.html file. It states "Note that Samba always ignores PAM for authentication in the case of encrypt passwords = yes", which I need if I am using security = domain - If I do not need PAM to authenticate and it "appears" that I have installed and configured samba / winbind properly as per the wbinfo lines above, why can't I access the share? - Do I need to create user accounts on the samba server? (I hope not, I understand that's what winbind is for) - Do I need to create any machine accounts? (Other than joining the samba server to the domain.) Here's my smb.conf: # Samba config file created using SWAT # from 10.110.22.40 (10.110.22.40) # Date: 2002/11/16 15:19:26 # Global parameters [global] workgroup = MYDOMAIN security = DOMAIN encrypt passwords = Yes password server = * winbind uid = 10000-20000 winbind gid = 10000-20000 winbind separator = + winbind enum users = yes winbind enum groups = yes log level = 2 wins server = 192.168.0.7 [work] path = /usr/work valid users = @"Domain Users" read only = No Here's my log.smbd: [2002/11/16 15:59:13, 2] param/loadparm.c:do_section(3055) Processing section "[work]" [2002/11/16 15:59:13, 2] lib/interface.c:add_interface(81) added interface ip=10.110.22.78 bcast=10.110.23.255 nmask=255.255.254.0 [2002/11/16 15:59:48, 2] smbd/reply.c:reply_special(92) netbios connect: name1=EDM-GEO name2=EDM-02 [2002/11/16 15:59:48, 2] smbd/reply.c:reply_special(111) netbios connect: local=edm-geo remote=edm-02 [2002/11/16 15:59:48, 2] libsmb/namequery.c:name_query(421) Got a positive name query response from 10.110.22.7 ( 10.110.22.7 ) [2002/11/16 15:59:48, 2] lib/util_sock.c:open_socket_out(874) error connecting to 10.110.22.7:445 (Invalid argument) [2002/11/16 15:59:54, 2] smbd/service.c:make_connection(331) Invalid username/password for work [nobody] [2002/11/16 15:59:56, 2] smbd/service.c:make_connection(331) Invalid username/password for work [nobody] [2002/11/16 16:00:47, 2] smbd/server.c:exit_server(461) Closing connections -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba