Hi list, i am having trouble authenticating users against an windows 2003 sp1 ads.
I am using samba 3.0.20-0.1 Here is my smb.conf: workgroup = SIV map to guest = Bad User security = ads password server = ads01.siv.de realm = siv.de client ntlmv2 auth = yes spnego = yes My krb5.conf: [libdefaults] default_realm = SIV.DE dns_lookup_realm = false dns_lookup_kdc = false clockskew = 300 # # Set this to false to disable MIT krb5 compatibility # in GSSAPI get_mic/verify_mic, and become compatible # with older Heimdal releases instead. gss_mit_compat = true [realms] SIV.DE = { kdc = ads01.siv.de #admin_server = ads01.siv.de default_domain = siv.de } [domain_realm] .siv.de = SIV.DE siv.de = SIV.DE [logging] default = SYSLOG:NOTICE:DAEMON kdc = FILE:/var/log/kdc.log kadmind = FILE:/var/log/kadmind.log [appdefaults] pam = { ticket_lifetime = 1d renew_lifetime = 1d forwardable = true proxiable = false retain_after_close = false minimum_uid = 0 debug = false } As you can see i do not use winbind. Is the wrong, i.e. is winbind required to authenticate users against ads ? The configuration itself works nearly right. When i try to access the samba server via windows is see in the log file: Username SIV.DE/regner is invalid on this system When i login as user 'regner' (without domain prefix) and password the login works successful ! I´ve tested this behavios with several account. All work successful without domain prefix. Can anybody help ?? -- Mit freundlichen Grüßen Ronny Egner SIV.AG Konrad-Zuse-Straße 1 18184 Roggentin Telefon: +49 (0)3 81 / 25 24 422 Telefax: +49 (0)3 81 / 25 24 399 mailto:[EMAIL PROTECTED] http://www.siv.de ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. The views expressed in this e-mail are those of the individual author and not necessarily those of SIV.AG. This footnote also confirms that this email message has been swept by serval anti-virus tools for the presence of computer viruses. ********************************************************************** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba