Greetings, I'm running Samba on a Debian stable server and have run into a problem I can't seem to get past. It's version 3.2.5. The basic setup is that it authenticates users via 'security = ads' and controls access to individual shares using local groups via 'valid users = @localgroup'. All of the users have accounts in /etc/password and are added to the groups in /etc/group. This has been working great for years.
My problem comes when I install the 'winbind' package in order to get access to ntlm_auth. Once winbindd is running, my local group authentication no longer works. I've tried just about every backend provided via 'idmap backend tdb', or 'idmap backend nss', etc. Depending on the configuration, I sometimes get various winbind errors such as "[2009/09/23 15:06:11, 2] auth/token_util.c:create_local_nt_token(385) WARNING: Failed to create BUILTIN\Administrators group! Can Winbind allocate gids?" Even after getting all such errors cleared though, I still can't access the shares which are using the 'valid users = @localgroup' configuration. I've tried changing that to 'valid users = +localgroup' which should only check NSS but that also fails. Using the idbind nss backend doesn't help either. I'm kind of at a loss as to what to try next. Basically, I want things to work the same whether winbind is running or not. Thanks in advance, -David Mitchell -- ----------------------------------------------------------------- | David Mitchell ([email protected]) Network Engineer IV | | Tel: (303) 497-1845 National Center for | | FAX: (303) 497-1818 Atmospheric Research | ----------------------------------------------------------------- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
