Dear all, I guess there were a lot of posts about this subject, but Im really stuck & prefer start a new thread hoping that some of you won't mind re-posting to help the Samba NewBie that I am.
well, here is my situation: - more than 1000 users on a hetegenous network, One Domain & the need to keep only one. - I need my Linux Boxes' users to get authenticated against a single AD, therefore I installed Samba 3 on a redhat 9 kernel 2.4, - smbd, nmbd & Winbind are running - the linux boxes joined my domain using the command [EMAIL PROTECTED] root]#net ads join -U Administrator%password - I am able to view the list of the users in the AC, with: [EMAIL PROTECTED] root]#/usrlocal/samba/bin/wbinfo -u HOWEVER, I get the listing in the format username not the supposed MYDAMAINNAME+username furthermore, when I try to logon the linuxbox using one of my AD users, I simply cannot Please find below my config files: smb.conf, /pam.d./login & /etc/nsswitch Thank you very much for reading my post & Please let me know if you need anymore information.... Best Regards, smb.conf #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = medi netbios name = LinuxMachine logon drive = h: logon home = \\home_dir_server\%U logon script = %U.bat winbind separator = : idmap uid = 10000-20000 idmap gid = 10000-20000 winbind uid = 10000-20000 winbind gid = 10000-20000 winbind enunm users = yes winbind enunm groups = yes template homedir = /home/%D/ %U template shell = /bin/bash winbind usedefault domain = yes client use spnego = yes unix extensions = yes case sensitive = yes delete readonly = yes # server string is the equivalent of the NT Description field server string = Samba Server max log size = 50 security = ADS ads server = 10.100.101.62 password server = 10.100.101.62 encrypt passwords = yes realm = medi.com smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n pam password change = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 wins server = 10.100.101.62 username map = /etc/samba/smbusers dns proxy = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writeable = yes valid users = %S create mode = 0664 directory mode = 0775 [shared] path = /home/shared writeable = yes guest ok = yes [medi] path = /home/medi writeable = yes Login #%PAM-1.0 auth required /lib/security/pam_securetty.so auth sufficient /lib/security/pam_winbind.so auth sufficient /lib/security/pam_unix.so use_first_pass auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session optional /lib/security/pam_console.so #auth requisite pam_nologin.so #auth requisite pam_krb5.so #auth optional pam_smbpass.so migrate #account required pam_krb5.so #password requisite pam_cracklib.so retry=3 #password optional pam_smbpass.so nullok use_authtok try_first_pass #password required pam_krb5.so use_authtok try_first_pass #session required pam_krb5.so nsswitch: passwd: files winbind shadow: files group: files winbind =================================== Sebbane Mehdi Network & Systems Administrator ITS Department Alakhawayn University Ifrane 53000 Morocco Voice : +212 (0) 55 86 24 23 Fax: +212 (0) 55 86 24 24 www.aui.ma =================================== -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba