Hello all, I've got a weird problem with a fresh install of Samba from the FreeBSD ports collection (btw. the BSD-box is also a fresh 4.7 Stable install).
Configured Samba 2.2.7a - without cups - with winbind - with winbind-auth - with audit so far, the installation seemed to work fine... Then I copied the libnss_winbind.so to /usr/lib and softlinked it to /usr/local/lib as well as to the other files mentioned in the howto (with the .so.1 and .so.2 endings). FreeBSD has no /lib directory, so I used the ones below /usr and /usr/local. I left out the pam step because I just want to provide the file-serving capabilities of samba to the clients (hope this is correct - this is my first time playing around with winbind because I'm bored with syncronizing NT&Unix Accounts). Then, I joined the domain with smbpasswd -j MYDOM -r NT4PDC -U Administrator (supplied the correct password) and got the success message. The wbinfo otions -u, -g, -t, -a (challenge/response & plaintext) do all work fine. But when I want to connect from a w2ksp2-machine to Samba, it doesn't seem to hand over the provided user credentials to winbindd (same with smbclient on localhost). So here are some questions: - I don't need the pam configuration if I don't want other services to be authenticated with winbind, do I? - I don't need more winbind uid's and gid's than Users and Groups on the PDC? - If I enable the "winbind use default domain" option, I don't need to add the NT-Domainname to the Usernames in valid/admin users, do I? - Which is a good loglevel to see where the authentication fails? - Any other hints from more experienced samba/winbind/freebsd(non-linux) users (maybe you have a look at my smb.conf below)? btw here's my smb.conf: [global] workgroup = MYDOM netbios name = FOO interfaces = xl0 bind interfaces only = Yes security = DOMAIN encrypt passwords = Yes update encrypted = Yes password server = NT4PDC, NT4BDC wins server = NT4PDC winbind uid = 15000-15050 winbind gid = 15000-15050 template shell = /sbin/nologin winbind separator = + winbind cache time = 5 winbind use default domain = Yes [sysroot$] path = / valid users = Admin1, Admin2 admin users = Admin1, Admin2 read only = No [raid$] path = /raid valid users = Admin1, Admin2 admin users = Admin1, Admin2 read only = No any hints? would be great ;-) Wolfram -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba