Hi Still the same problem...
I think the connection to the domain is ok. because if i use a non existent user, the log says: "FAILED with error NT_STATUS_NO_SUCH_USER" If I use a wrong password is gives me also a different error message. cheers On 5/10/07, Gianluca Culot <[EMAIL PROTECTED]> wrote:
> -----Messaggio originale----- > Da: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > conto di Urs Golla > Inviato: giovedì 10 maggio 2007 9.44 > A: [email protected] > Oggetto: [Samba] security = ads --> invalide user > > > Hello > > I try to run SAMBA with security = ads on AIX 5.3 with SAMBA 3.0.23d. > "net ads join" was successful and the machine is now visible in the Domain > with the netbios name. > > When I try to access the shares on the machine the log.smbd files says: > > (...) > [2007/05/10 08:58:16, 1] smbd/sesssetup.c:reply_spnego_kerberos(310) > Username MYDOMAIN/MYUSERNAME is invalid on this system > [2007/05/10 08:58:16, 3] smbd/error.c:error_packet(146) > error packet at smbd/sesssetup.c(315) cmd=115 (SMBsesssetupX) > NT_STATUS_LOGON_FAILURE > (...) > > > ****************************************************** > smb.conf: > > [global] > winbind separator = / > netbios name = MYNETBIOSNAME > winbind enum users = yes > workgroup = MYDOMAIN > winbind enum groups = yes > #password server = * > password server = MYPASSWORDSERVER > encrypt passwords = yes > dns proxy = no > realm = MYREALM > security = ADS > wins proxy = no > winbind use default domain = Yes > client use spnego = yes > #idmap uid = 10000-20000 > #winbind gid = 10000-20000 > preferred master = no > log level = 3 > wins server = x.x.x.x > #auth methods = guest sam winbind > #idmap uid = 10000-20000 > idmap gid = 10000-20000 > > > [testsamba] > comment = Samba testfolder > path = /testsamba > read only = no > valid users = MYDOMAIN/USERNAME > > ****************************************************** > > I also maped the domain groups with "net groupmap" > > # ./net groupmap list > Domain Users (S-1-5-21-3687956107-1621720357-3427760348-513) -> > domainusers > Domain Guests (S-1-5-21-3687956107-1621720357-3427760348-997) -> nobody > Administrators (S-1-5-32-544) -> 5000 > mygroup (S-1-5-21-3687956107-1621720357-3427760348-14001) -> mygroup > Users (S-1-5-32-545) -> 5001 > > --> MYDOMAIN/USERNAME is a member of MYDOMAIN/mygroup > **************************************************************** > > Why does it say "invalide user"? I think I should also be able to > browse the > shares without a valid user... > > any help is much appreciated!!! > > Regards > Urs > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > I would check winbind separator = / to my knowlegde it should be winbind separator = \ or could be commented as its default is \ I've setup a samba 3.0.24,1 on freebsd with ads against a Windows2003 Server and I did not specified Winbind Separator
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
