While unable to actually fix ADS client authentication, I did fix my setup.
I can still use the computer account created with the 'net join ads' command. I simply changed to security = domain, and removed the realm = entirely. I assume the following only works if the windows 2003 DC is running in 'mixed mode' domain support Here is the smb.conf which fixes my problem: [global] security = DOMAIN workgroup = MYDOMAIN password server = DC1, DC2, * encrypt passwords = yes wins server = 192.168.0.1 netbios name = MYSAMBA winbind separator = + idmap uid = 10000-20000 idmap gid = 10000-20000 winbind use default domain = yes winbind enum users = yes winbind enum groups = yes obey pam restrictions = yes template homedir = /est/home/share/%U template shell = /bin/bash server string = name resolve order = wins bcast lmhosts socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 max log size = 4096 log file = /var/log/samba/%m local master = yes domain logons = no domain master = no preferred master = no wins support = no wins proxy = no dns proxy = no preserve case = no short preserve case = no [homes] write cache size = 64000 comment = "%U" browseable = no public = no read only = no guest ok = no valid users = "@Domain Users", "@Enterprise Admins" force group = "Domain Users" vfs object = recycle vfs_recycle_bin:noversions = vfs_recycle_bin:exclude_dir = vfs_recycle_bin:exclude = vfs_recycle_bin:maxsize = 0 vfs_recycle_bin:touch = yes vfs_recycle_bin:versions = yes vfs_recycle_bin:keeptree = yes vfs_recycle_bin:repository = .recycle [upload] write cache size = 64000 browseable = yes comment = user uploads path = /upload/share read only = yes public = yes write list = "@Domain Users", "@Enterprise Admins" force group = "Domain Users" vfs object = extd_audit recycle vfs_recycle_bin:noversions = vfs_recycle_bin:exclude_dir = vfs_recycle_bin:exclude = vfs_recycle_bin:maxsize = 0 vfs_recycle_bin:touch = yes vfs_recycle_bin:versions = yes vfs_recycle_bin:keeptree = yes vfs_recycle_bin:repository = .recycle/%U [documents] write cache size = 64000 browseable = yes comment = documents path = /documents/share read only = no public = yes guest ok = yes valid users = "@Domain Users", "@Enterprise Admins" force group = "Domain Users" vfs object = extd_audit recycle vfs_recycle_bin:noversions = vfs_recycle_bin:exclude_dir = vfs_recycle_bin:exclude = vfs_recycle_bin:maxsize = 0 vfs_recycle_bin:touch = yes vfs_recycle_bin:versions = yes vfs_recycle_bin:keeptree = yes vfs_recycle_bin:repository = .recycle/%U [tftp] write cache size = 64000 browseable = yes comment = tftp path = /tftp/share read only = no public = no guest ok = yes valid users = "@Enterprise Admins", "@Domain Users" force group = "Domain Users" vfs object = extd_audit recycle vfs_recycle_bin:noversions = vfs_recycle_bin:exclude_dir = vfs_recycle_bin:exclude = vfs_recycle_bin:maxsize = 0 vfs_recycle_bin:touch = yes vfs_recycle_bin:versions = yes vfs_recycle_bin:keeptree = yes [public] write cache size = 64000 browseable = yes comment = public files path = /public/share read only = yes public = yes guest ok = yes write list = "@Enterprise Admins" vfs object = extd_audit recycle vfs_recycle_bin:noversions = vfs_recycle_bin:exclude_dir = vfs_recycle_bin:exclude = vfs_recycle_bin:maxsize = 0 vfs_recycle_bin:touch = yes vfs_recycle_bin:versions = yes vfs_recycle_bin:keeptree = yes vfs_recycle_bin:repository = .recycle/%U -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
