There are two NT domains, the resource domain (pretend it's RESDOM) and the user domain (MASDOM) where RESDOM trusts MASDOM. My Samber server (COOL) is registered in the RESDOM domain. I can do smbclient -L COOL -U MASDOM/myname and it asks for a password and displays the shares correctly, even picking up the NIS logon share.
The problems start, however, when I want to connect to the myname share - it won't authenticate. I have a share set up to /tmp and when I write to it, instead of getting the NIS UID and GID, I get GID 10000 and UID MASDOM+myname. I want it to pick up the NIS one and use it instead. Here's some stuff from smb.conf [global] workgroup = RESDOM security = DOMAIN netbios name = COOL name resolve order = lmhosts wins bcast preferred master = false local master = no wins support = no NIS homedir = yes guest account = qguest map archive = no winbind separator = + winbind enum users = yes winbind enum groups = yes winbind uid = 10000-20000 winbind gid = 10000-20000 [tmp] path = /tmp create mask = 775 guest ok = yes log.winbindd says (among other things): MASDOM is a mixed (or NT4) mode domain ... nsswitch/winbindd_pac.c:winbindd_pam_auth_crap(275) pam auth crap domain: MASDOM user: myname ... getpwname masdom+myname name_to_sid name=myname name_to_sid [rpc] myname for domain MASDOM ... log.192.168.1.3 says (among other things) '/usr/users/MASDOM+myname' does not exist or is not a directory, when connecting to [myname] connect to service tmp initially as user MASDOM+myname (uid=10000, gid=10000) (pid 7222) /usr/local/samba/bin/testparm complains: 'winbind separator = +' might cause problems with group membership I got that configuration string from Samba documentation. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
