Hello, having spent many hours scouring archives, docs, books and googling without finding an answer I need to ask your help on this.
running samba 3.4.0-3ubuntu5.3 on ubuntu 9.10 server, client users can login to the share from windows clients but the same users is denied access when connecting from OS X via GO/Connect To Server in format smb://fqdnofserver user authentication is to active directory using kerberos and LDAP and am not running winbind pam.d/samba is set to allow smb logins, that is shell logins are not permitted for active directory authenticated users. here's that snippet: # /etc/pam.d/samba auth sufficient pam_krb5.so minimum_uid=1000 use_first_pass account sufficient pam_ldap.so use_first_pass session sufficient pam_ldap.so I have tested my configs on samba 3.0.33 on CENTOS and it works fine there for both OS X and windows the share is setup on /shares/asgs with these permissions: drwxrwsrwx 8 root root 87 2010-02-20 00:17 shares drwxrws--- 2 grant ASGSFileUsers 18 2010-02-20 00:21 asgs here's smb.conf: [global] unix extensions = no disable spoolss = Yes disable netbios = yes name resolve order = hosts workgroup = AD realm = AD.UCSD.EDU server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 log level = 3 panic action = /usr/share/samba/panic-action %d security = ads encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes pam password change = no map to guest = bad user usershare allow guests = no [asgs] comment = ASGS path = /shares/asgs browsable = Yes valid users = @ad\ASGSFileUsers write list = @ad\ASGSFileUsers create mask = 2660 directory mask = 2770 The tail n20 of the log of the conecting ip shows this for an OS X attempt: [2010/02/20 00:56:16, 3] smbd/oplock_linux.c:219(linux_init_kernel_oplocks) Linux kernel oplocks enabled [2010/02/20 00:56:16, 3] smbd/process.c:1453(process_smb) Transaction 0 of length 51 (0 toread) [2010/02/20 00:56:16, 3] smbd/process.c:1272(switch_message) switch message SMBnegprot (pid 5658) conn 0x0 [2010/02/20 00:56:16, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 00:56:16, 3] smbd/negprot.c:567(reply_negprot) Requested protocol [NT LM 0.12] [2010/02/20 00:56:16, 3] smbd/negprot.c:387(reply_nt1) using SPNEGO [2010/02/20 00:56:16, 3] smbd/negprot.c:672(reply_negprot) Selected protocol NT LM 0.12 [2010/02/20 00:56:18, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2010/02/20 00:56:18, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2010/02/20 00:56:18, 3] smbd/server.c:848(exit_server_common) Server exit (failed to receive smb request) Hope someone can give me a pointer where to look next or what to tweak. Let me know if you need other log snippets. Thanks, Grant -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
