On Mon, 2003-03-10 at 17:09, Paul Cabot wrote: > According to the documentation on setting up Samba to be a PDC. It says > that you have to enable encrypted passwords for it to work! > > Now for Samba with PAM to work the documentation says that you can't > have encrypted passwords enabled!
Correct, for authentication. The 'obey pam restrictions' is about 'account' and 'session' properties like 'expired' and 'too many users'. > So does that mean that I can't set up Samba has a PDC and use PAM to > authenticate the users! Yes. > Reason I ask is I did have Samba set up as a PDC with 3 windows client > computers, 2 with Windows 2000, one with Windows XP! > > I then deciced to try and use PAM so I went into the registry of the 3 > clients and set it to enableplaintextpasswords = 1 This won't affect domain logons from NT or above > And I set Samba to plain text passwords and to obey pam restrictions! > > Pam now works Ie if I change the password with smbpasswd the unix > password is changed as well! > > But the problem I'm having is! > > When a I logon to the domain, My username and Password are excepted but > then I get a message on windows saying that it couldn't access my > profile and will use a local profile, also it mentions that the username > and password might not be correct! Once I have the windows desktop I > can't access my home network drive (The one that you set Samba to), but > if I go into the network area and access the domain there and then > access the server it asks for my username and password and voila it > works I can access the profiles and home shares! If you have your passwords in smbpasswd, then just set 'encrypt passwords = yes' and by happy. > Here is my smb.conf file > > [global] > workgroup = DOMAIN > netbios name = CABOTP > server string = Samba Server %v %h > obey pam restrictions = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *passwd:*all*authentication*tokens*updated*successfully* > username map = /etc/samba/smbusers > unix password sync = Yes > log level = 1 > log file = /var/log/samba/%m.log > max log size = 50 > time server = Yes > printcap name = lpstat > logon script = %U.vbs > logon path = \\%L\Profiles\%U > logon drive = Z: > logon home = \\%L\%U > domain logons = Yes > os level = 64 > preferred master = Yes > domain master = Yes > wins support = Yes > hosts allow = 192.168.0.0/24, 127.0.0.1 > printing = lprng > > [homes] > comment = Home Directories > valid users = %S > admin users = root,paul > read only = No > create mask = 0664 > directory mask = 0775 > strict allocate = Yes > strict locking = Yes > > [netlogon] > comment = Network Logon Service > path = /var/spool/samba/netlogon > write list = root > > [Profiles] > path = /var/spool/samba/profiles > read only = No > csc policy = disable > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
