Hello, I have samba + windbind running on red hat linux 8.0. I can ssh to the samba server but windows clients can't connect.
>From the log it looks like windows is not reading the user as CVRR2+soo and only using soo. Any ideas on how to fix this problem? Here is my smb.conf: # #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = CVRR2 # server string is the equivalent of the NT Description field server string = Samba Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx printing = lprng # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # Put a capping on the size of the log files (in Kb). max log size = 0 # Security mode. Most people will want user level security. See # security_level.txt for details. security = domain # Use password server option only with security = server # The argument list may include: # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] # or to auto-locate the domain controller/s # password server = * ; password server = <NT-Server-Name> password server = ostrich # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd # The following is needed to keep smbclient from spouting spurious errors # when Samba is built with support for SSL. ; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt # The following are needed to allow password changing from Windows to # update the Linux system password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only # the encrypted SMB passwords. They allow the Unix password # to be kept in sync with the SMB password. unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # You can use PAM's password change control flag for Samba. If # enabled, then PAM will be used for password changes when requested # by an SMB client instead of the program listed in passwd program. # It should be possible to enable this without changing your passwd # chat parameter for most setups. pam password change = yes obey pam restrictions = yes ;winbind stuff winbind separator = + winbind cache time = 60 template shell = /bin/bash template homedir = /home/%D/%U winbind uid = 10000-20000 winbind gid = 10000-20000 #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes valid users = %S create mode = 0664 directory mode = 0775 # If you want users samba doesn't recognize to be mapped to a guest user ; map to guest = bad user [test] path = /home/CVRR2 read only = no create mask = 0777 directory mask = 0777 browseable = yes guest ok = no "Valid users = CVRR2+username" # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes Here is the samba log: [2003/01/23 09:46:00, 3] smbd/reply.c:reply_sesssetup_and_X(868) sesssetupX:name=[soo] [2003/01/23 09:46:00, 3] libsmb/namequery.c:resolve_lmhosts(768) resolve_lmhosts: Attempting lmhosts lookup for name OSTRICH<0x20> [2003/01/23 09:46:00, 3] libsmb/namequery.c:resolve_hosts(808) resolve_hosts: Attempting host lookup for name OSTRICH<0x20> [2003/01/23 09:46:00, 3] lib/util_sock.c:open_socket_out(845) Connecting to 132.239.223.171 at port 445 [2003/01/23 09:46:00, 0] rpc_client/cli_netlogon.c:cli_net_sam_logon_internal(406) cli_net_sam_logon_internal: NT_STATUS_NO_SUCH_USER [2003/01/23 09:46:00, 0] smbd/password.c:domain_client_validate(1619) domain_client_validate: unable to validate password for user soo in domain ROSEBUD to Domain controller ostrich. Error was NT_STATUS_NO_SUCH_USER. [2003/01/23 09:46:00, 1] smbd/password.c:pass_check_smb(545) Couldn't find user 'soo' in passdb. [2003/01/23 09:46:00, 2] smbd/reply.c:reply_sesssetup_and_X(975) NT Password did not match for user 'soo'! [2003/01/23 09:46:00, 2] smbd/reply.c:reply_sesssetup_and_X(985) Defaulting to Lanman password for soo [2003/01/23 09:46:00, 1] smbd/password.c:pass_check_smb(545) Couldn't find user 'soo' in passdb. [2003/01/23 09:46:00, 1] smbd/reply.c:reply_sesssetup_and_X(1001) Rejecting user 'soo': authentication failed [2003/01/23 09:46:00, 3] smbd/error.c:error_packet(113) error packet at smbd/reply.c(1003) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2003/01/23 09:46:00, 3] smbd/process.c:timeout_processing(1098) end of file from client -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba