Mike,
Assuming turgon is an AD user, try "username=DACRIB+turgon" for the cifs
mount.
Dale
On 04/29/2010 7:44 PM, Mike Leone wrote:
Any clues?
I also can't mount shares, I'm guessing it's all related:
$ sudo mount -t smbfs -o username=turgon,password=*******
//workhorse/OldHome /mnt
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
The "turgon" account is a Domain Admin, not to mention owner of the
share I am trying to mount.
Once again, I am trying to add a machine to my Win2003 AD (that has
Services for Unix installed). I am using Xubuntu 9.10, and samba 3.4.0.
I set up Kerberos, and am getting a ticket. I have successfully joined
the domain.
# net ads join -U administrator
Enter administrator's password:
Using short domain name -- DACRIB
Joined 'DUAL-BOOTER' to realm 'DaCrib.local'
wbinfo -u does return all users, both local and AD.
wbinfo -g returns all groups, both local and AD.
wbinfo -t succeeds.
However, I am failing plaintext authentication, with wbinfo -a:
wbinfo -a turgon
Enter turgon's password:
plaintext password authentication failed
Could not authenticate user turgon with plaintext password
Enter turgon's password:
challenge/response password authentication succeeded
Google seems to be non-helpful, with this failure message from samba.
Can anyone shed any light on my problem? Eventually, I want to configure
this machine so that I can log into the machine using only AD accounts
(no local logins), but I didn't want to proceed, until I had this
problem solved.
testparm:
[global]
workgroup = DACRIB
realm = DACRIB.LOCAL
server string = %h server (Samba %v, Domain: %D, Server: %L - %R)
security = ADS
map to guest = Bad User
password server = dim-win2300.DaCrib.local
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
log level = 1
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 2
local master = No
domain master = No
dns proxy = No
eventlog list = Application, System, Security, SyslogLinux
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind nss info = rfc2307
winbind refresh tickets = Yes
idmap config DACRIB:schema_mode = rfc2307
idmap config DACRIB: default = true
invalid users = root
read only = No
create mask = 0700
directory mask = 0775
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
