[Samba] Unable to log on (authenticating) to a Samba NT Domain
I have 4 machines at home: 1 Linux Centos 4.4 running as a PDC 1 Linux Centos domain member running as my file server. Winbind works properly and I'm able to share files perfectly well 1 Windows XP sp2, member of my domain. No problem accessing files on Centos domain member 1 Linux Fedora Core 5, also a domain member. I'm unable to logon my Fedora 5 machine to my domain. I've joined the domain, Winbind is running. getent passwd and group show my domain passwd and group information properly. wbinfo -u return my users (including domain) [EMAIL PROTECTED] ~]# wbinfo -u MEPHISTOPHELES\root MEPHISTOPHELES\baubba MEPHISTOPHELES\linuxbasic MEPHISTOPHELES\jo-ann MEPHISTOPHELES\roberto MEPHISTOPHELES\programmer MEPHISTOPHELES\desrochers [EMAIL PROTECTED] ~]# wbinfo -g BUILTIN\administrators BUILTIN\users MEPHISTOPHELES\print operators MEPHISTOPHELES\replicators MEPHISTOPHELES\account operators MEPHISTOPHELES\domain guests MEPHISTOPHELES\backup operators MEPHISTOPHELES\system operators MEPHISTOPHELES\domain admins MEPHISTOPHELES\domain users [EMAIL PROTECTED] ~]# root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin rpm:x:37:37::/var/lib/rpm:/sbin/nologin distcache:x:94:94:Distcache:/:/sbin/nologin apache:x:48:48:Apache:/var/www:/sbin/nologin ntp:x:38:38::/etc/ntp:/sbin/nologin nscd:x:28:28:NSCD Daemon:/:/sbin/nologin vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin squid:x:23:23::/var/spool/squid:/sbin/nologin netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash pcap:x:77:77::/var/arpwatch:/sbin/nologin avahi:x:70:70:Avahi daemon:/:/sbin/nologin named:x:25:25:Named:/var/named:/sbin/nologin mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin haldaemon:x:68:68:HAL daemon:/:/sbin/nologin rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin hsqldb:x:96:96::/var/lib/hsqldb:/sbin/nologin tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin gdm:x:42:42::/var/gdm:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin vdr:x:100:101:Video Disk Recorder:/srv/vdr:/sbin/nologin MEPHISTOPHELES \root:*:16777216:16777216:root:/home/MEPHISTOPHELES/root:/bin/bash MEPHISTOPHELES\baubba:*:16777217:16777216:Roberto Mason:/home/MEPHISTOPHELES/baubba:/bin/bash MEPHISTOPHELES\linuxbasic:*:16777218:16777216:Roberto Mason:/home/MEPHISTOPHELES/linuxbasic:/bin/bash MEPHISTOPHELES\jo-ann:*:16777219:16777216:Jo-Ann Mason:/home/MEPHISTOPHELES/jo-ann:/bin/bash MEPHISTOPHELES\roberto:*:16777220:16777216:Roberto Mason:/home/MEPHISTOPHELES/roberto:/bin/bash MEPHISTOPHELES\programmer:*:16777221:16777216:Roberto Mason:/home/MEPHISTOPHELES/programmer:/bin/bash MEPHISTOPHELES\desrochers:*:16777222:16777216:Guillaume Desrochers:/home/MEPHISTOPHELES/desrochers:/bin/bash [EMAIL PROTECTED] ~]# getent group root:x:0:root bin:x:1:root,bin,daemon daemon:x:2:root,bin,daemon sys:x:3:root,bin,adm adm:x:4:root,adm,daemon tty:x:5: disk:x:6:root lp:x:7:daemon,lp mem:x:8: kmem:x:9: wheel:x:10:root mail:x:12:mail news:x:13:news uucp:x:14:uucp man:x:15: games:x:20: gopher:x:30: dip:x:40: ftp:x:50: lock:x:54: nobody:x:99: users:x:100: dbus:x:81: rpm:x:37: utmp:x:22: distcache:x:94: apache:x:48: ntp:x:38: nscd:x:28: floppy:x:19: vcsa:x:69: mysql:x:27: webalizer:x:67: screen:x:84: squid:x:23: netdump:x:34: pcap:x:77: slocate:x:21: avahi:x:70: named:x:25: mailnull:x:47: smmsp:x:51: haldaemon:x:68: rpc:x:32: xfs:x:43: hsqldb:x:96: tomcat:x:91: rpcuser:x:29: nfsnobody:x:65534: gdm:x:42: sshd:x:74: video:x:101: MEPHISTOPHELES\print operators:*:16777219: MEPHISTOPHELES\replicators:*:16777220:MEPHISTOPHELES\root MEPHISTOPHELES\account operators:*:16777221:MEPHISTOPHELES\root MEPHISTOPHELES\domain guests:*:16777222: MEPHISTOPHELES\backup operators:*:16777223:MEPHISTOPHELES\root MEPHISTOPHELES\system operators:*:16777224:MEPHISTOPHELES\root MEPHISTOPHELES\domain admins:*:16777225:MEPHISTOPHELES\roberto MEPHISTOPHELES\domain users:*:16777226:MEPHISTOPHELES \roberto,MEPHISTOPHELES\baubba,MEPHISTOPHELES\linuxbasic,MEPHISTOPHELES \programmer,MEPHISTOPHELES\jo-ann BUILTIN\administrators
[Samba] Login to domain.
I'm running Centos 4.2, with 3.0.23b-SerNet-RedHat as a NT 4 Domain. My Window XP machine logs in perfectly well to the domain. I have another machine running Opensuse 10.2 which I joined to the domain with no problems. using opensuse, I'm unable to loging to the domain. I get the message xserver: login (domain\user) is disabled. On the server samba.conf the shell is set to template shell = /bin/bash. I rebooted both the server and client. Here's samba.conf and getent passwd # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2006/10/09 15:18:04 [global] workgroup = MEPHISTOPHELES server string = Samba Server password server = passdb backend = tdbsam log file = /var/log/samba/%m.log max log size = 50 name resolve order = wins bcast host socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u shutdown script = /var/lib/samba/scripts/shutdown.sh abort shutdown script = /sbin/shutdown -c logon script = %U logon path = logon drive = z: domain logons = Yes os level = 70 preferred master = Yes domain master = Yes wins support = Yes ldap ssl = no preload = global idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/sh cups options = raw squid:x:31:65534:WWW-proxy squid:/var/cache/squid:/bin/false sshd:x:71:65:SSH daemon:/var/lib/sshd:/bin/false suse-ncc:x:108:110:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false baubba:x:1000:100:Roberto Mason:/home/baubba:/bin/bash MEPHISTOPHELES \root:*:1:1:root:/home/MEPHISTOPHELES/root:/bin/false MEPHISTOPHELES\baubba:*:10001:1:Roberto Mason:/home/MEPHISTOPHELES/baubba:/bin/false MEPHISTOPHELES\linuxbasic:*:10002:1:Roberto Mason:/home/MEPHISTOPHELES/linuxbasic:/bin/false MEPHISTOPHELES\jo-ann:*:10003:1:Jo-Ann Mason:/home/MEPHISTOPHELES/jo-ann:/bin/false MEPHISTOPHELES\roberto:*:10004:1:Roberto Mason:/home/MEPHISTOPHELES/roberto:/bin/false MEPHISTOPHELES\programmer:*:10005:1:Roberto Mason:/home/MEPHISTOPHELES/programmer:/bin/false MEPHISTOPHELES\desrochers:*:10006:1:Guillaume Desrochers:/home/MEPHISTOPHELES/desrochers:/bin/false [EMAIL PROTECTED]:~ I don't see what's wrong Thanks Roberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Running Samba-Swat on Ubuntu System
I'm running Ubuntu with samba 3.0.21a. Ubuntu has both Webmin and Samba-Swat for Samba Administration, but I prefer to use Samba-SWAT. The problem I have with Ubuntu, is the root user in deactivated. When I go to run Samba-Swat, I have to log on as a regular user, and I end up not having Global, Share, Wizard or Pinter Icons. I know I can use Webmin, but my preference is Swat. Anyone know how I can get around this problem? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] getent ??
Sorry for asking this question again, I'm hoping someone can answer it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roberto Mason Sent: Saturday, May 22, 2004 5:16 PM To: Samba-List Subject: [Samba] getent ?? I've installed Fedora Core 2 from scratch, got my DNS and VNC to work, next is Samba. I was running previously SAMBA 2.28a but now I'm working with 3.04. I've since bought Samba-3 by Example, and I'm following it fairly closely. I've got samba to work with no shares yet, I've run initgrps.sh to create my Domain Groups. Winbind is working. I do a getent groups and this is what I get ~~ --- shortened the output of getent baubba:x:500: public:x:501: ntadmin:x:502: BUILTIN\System Operators:x:1: BUILTIN\Replicators:x:10001: BUILTIN\Guests:x:10002: BUILTIN\Power Users:x:10003: BUILTIN\Print Operators:x:10004: BUILTIN\Administrators:x:10005: BUILTIN\Account Operators:x:10006: BUILTIN\Backup Operators:x:10007: BUILTIN\Users:x:10008: Now my Domain is MEPHISTOPHELES. Shouldn't the output be more MEPHISTOPHELES\System Operators. or is this correct? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] getent ??
I've installed Fedora Core 2 from scratch, got my DNS and VNC to work, next is Samba. I was running previously SAMBA 2.28a but now I'm working with 3.04. I've since bought Samba-3 by Example, and I'm following it fairly closely. I've got samba to work with no shares yet, I've run initgrps.sh to create my Domain Groups. Winbind is working. I do a getent groups and this is what I get ~~ --- shortened the output of getent baubba:x:500: public:x:501: ntadmin:x:502: BUILTIN\System Operators:x:1: BUILTIN\Replicators:x:10001: BUILTIN\Guests:x:10002: BUILTIN\Power Users:x:10003: BUILTIN\Print Operators:x:10004: BUILTIN\Administrators:x:10005: BUILTIN\Account Operators:x:10006: BUILTIN\Backup Operators:x:10007: BUILTIN\Users:x:10008: Now my Domain is MEPHISTOPHELES. Shouldn't the output be more MEPHISTOPHELES\System Operators. or is this correct? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] joining to a Domain with a tdbsam backend (smb.conf, testparm and log included)
I'm about to give up. It's been months now that I've been playing around with Samba 3.0. I've downloaded their documentation. Tried to follow it as much as possible, but I'm getting no where with adding machine accounts to a Domain, real fast. I've asked this question a couple of times at the Samba Mailing list, but have gotten no reply(probably my fault, not enough info). So here goes. I'm a home user, with some Knowledge of NT 4 Domain Controllers. Years ago a set one up for a company I worked for. So when I got exposed to Linux, I naturally gravitated to Samba 2.2xx. Took me a while to figure it out, but I managed to setup a simple domain at home, with a few shares. Was able to add both Win XP and Linux machines to my domain. Now they came out with Samba 3. I did an upgrade several times to version 3. All machines that were already members of the domain I have no problem with. But when I try to add new machines (actually 1 new machine) if I try to use root in adding the domain, I get user/password not found (something or other like that). If I try to use my log in name Roberto (Domain Admin) set up according to the Doc, I get access denied. Considering myself still a newbie, I asking you guys for help. HELP Here's my setup: # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/02/14 13:40:54 # Global parameters [global] workgroup = MEPHISTOPHELES server string = Samba Server %v (Wish me luck) passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* username map = /etc/samba/smbusers unix password sync = Yes log file = /var/log/samba/log.%m max log size = 50 name resolve order = wins lmhosts bcast socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon script = %U.bat domain logons = Yes os level = 62 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap ssl = no [homes] comment = Home Directories read only = No browseable = No [netlogon] path = /home/netlogon guest ok = Yes share modes = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [work] path = /home/storage/work write list = @storage read only = No [movie] path = /home/storage/Movie write list = @storage read only = No [anonymous] path = /home/storage/anonymous valid users = @storage write list = @storage read only = No [Log] path = /var/log [installation] path = /home/storage/Installations valid users = @installation, @storage read list = @anonymous write list = @storage read only = No create mask = 0774 directory mask = 0774 [DOCUMENTS] path = /home/storage/Documents force user = roberto force group = documentation read only = No create mask = 0664 directory mask = 0664 inherit permissions = Yes [storage] path = /home/storage valid users = @storage, @installation read list = @installation write list = @storage force user = root force group = storage force create mode = 0775 force directory mode = 0775 [linuxdoc] path = /usr/share/doc This is what my net groupmap list gives [EMAIL PROTECTED] root]# net groupmap list System Operators (S-1-5-32-549) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Domain Admins (S-1-5-21-517848066-3869322434-1176822426-512) - domadmin Domain Guests (S-1-5-21-517848066-3869322434-1176822426-514) - -1 Domain Users (S-1-5-21-517848066-3869322434-1176822426-513) - domusers Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Account Operators (S-1-5-32-548) - -1 Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 I'm including the log for log.programxp (programxp being the machine that I'm trying to join to the domain) This is only part of what was generated (what I assumed was necessary) [2004/02/16 16:46:57, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2004/02/16 16:46:57, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2004/02/16 16:46:57, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2004/02/16 16:46:57, 3] smbd/uid.c:push_conn_ctx(287) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2004/02/16 16:46:57, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2004/02/16 16:46:57, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/02/16 16:46:57, 3] auth/auth_sam.c:check_sam_security(473) check_sam_security: Couldn't find user 'root' in passdb file. [2004/02/16 16:46:57, 3] auth/auth_winbind.c:check_winbind_security(79) check_winbind_security: Not using winbind, requested domain was for this SAM. [2004/02/16 16:46:57, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [admin] - [root] FAILED
[Samba] pam_winbind
I have an environment at home with the following: 1. Samba PDC 2.27A 2. Windows XP Pro, login in to the domain 3. Fedora Core 1 Workstation (with machine account on the domain) On the Fedora Workstation, smb.conf is fairly simple [global] workgroup = MEPHISTOPHELES server string = Samba Server security = DOMAIN auth methods = winbind log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No wins server = 192.168.1.10 ldap ssl = no idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/sh [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No Winbind is running, with I do a getent passwd, among the standard passwd file entries, I get the following: MEPHISTOPHELES\roberto:x:1:1::/home/MEPHISTOPHELES/roberto:/bin/sh MEPHISTOPHELES\joann:x:10001:1::/home/MEPHISTOPHELES/joann:/bin/sh MEPHISTOPHELES\root:x:10002:1::/home/MEPHISTOPHELES/root:/bin/sh I'm not knowedgeable when it comes to PAM configuration, but I configure two files according to the documentation I read. login file #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth auth sufficient /lib/security/pam_winbind.so use_first_pass accountrequired /lib/security/pam_winbind.so sessionrequired /lib/security/pam_limits.so sessionrequired /lib/security/pam_mkhomedir.so umask=0022 sessionoptional /lib/security/pam_console/so and gdm file #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth auth sufficient /lib/security/pam_winbind.so accountrequired /lib/security/pam_winbind.so sessionrequired /lib/security/pam_limits.so sessionoptional /lib/security/pam_console.so sessionrequired /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022 I still can't log in from my work station, using for example the roberto login from the domain. Is anyone able to see where I may have gone wrong. Thank You Roberto -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Machine Accounts
Roberto Mason wrote: I've added the seal registry patch and modified the script to include add machine script. I also added root to the smbpasswd and enabled the user, and still I get unknown user or password. There's something still missing. I seem to remember having this same problem and solving it by rebooting the box that was giving me this error. Rebooting really is the universal solution to any problem in Windows :) -- Andrew Gaffney -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba I've had similar problems with 2.27a, but I always got it to work. I applied the universal solution (short of applying the sledge hammer) but it didn't work. :-/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Machine Accounts
I'm running Linux from my home. I've been running Samba 2.27a for a while now. I've just recently upgraded my system to Fedora Core 1. With that, sAmba has been upgraded to 3.0015. I've included my smb.conf file. I can't seem to create a machine account. I get unknown user or password. I do have a user root in smbpasswd. Like they say...HELP! :-) [global] logon path = dns proxy = No server string = samba server socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ldap ssl = no preferred master = Yes workgroup = MEPHISTOPHELES unix password sync = yes password server = None logon home = add machine script = /usr/sbin/useradd -d /dev/null -g 100 \{} -s /bin/false -M %u encrypt passwords = yes guest ok = Yes wins support = Yes domain logons = Yes log file = /var/log/samba/%m.log max log size = 50 domain master = Yes username map = /etc/samba/smbusers [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No --- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Machine Accounts
I'm not using smbpasswd -a... , but trying through xp to add the machine to the domain. When in Computer Name Changes window I specify the domain MEPHISTOPHELES, and then I'm prompted for the administrator username/password MEPHISTOPHELES\root and passwd I get the unkown username/password message. are you saying you can't do smbpasswd -a -m user or that you can't add windows 2000/xp to a domain? Roberto Mason wrote: I'm running Linux from my home. I've been running Samba 2.27a for a while now. I've just recently upgraded my system to Fedora Core 1. With that, sAmba has been upgraded to 3.0015. I've included my smb.conf file. I can't seem to create a machine account. I get unknown user or password. I do have a user root in smbpasswd. Like they say...HELP! :-) [global] logon path = dns proxy = No server string = samba server socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ldap ssl = no preferred master = Yes workgroup = MEPHISTOPHELES unix password sync = yes password server = None logon home = add machine script = /usr/sbin/useradd -d /dev/null -g 100 \{} -s /bin/false -M %u encrypt passwords = yes guest ok = Yes wins support = Yes domain logons = Yes log file = /var/log/samba/%m.log max log size = 50 domain master = Yes username map = /etc/samba/smbusers [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No --- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems joining a Domain
I've upgraded my Domain from 2.27a to 3.0. My authentication is done using the standard smbpasswd file. Since I've upgraded to 3.0, when I try to join a XP machine to the Domain, I get unknown user or password message. I'm using add machine script that's found in the Doc for Samba 3.0. I running Fedora Core 1 I use the following scripts: add user script = adduser -u delete user script = userdel -u add machine script = /usr/sbin/useradd -d /dev/null -g 100 \{} -s /bin/false -M %u I'd be grateful is someone could point me in the right direction. Thanks Roberto -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RedHat 9.0 winbind, and Pam login
Is there someone that could send me a sample /etc/pam.d/login file that works on Redhat 9.0. My winbind set now seems to be working fine. When I do a wbinfo -a ., my authenticfication works for both text and challenge response. I've modified my pam.d/login file to look like this, but I can't log on to my user domain user roberto on my Samba Client, though I can from my Windoze XP client. auth required /lib/security/pam_securetty.so auth sufficient /lib/security/pam_winbind.so auth sufficient /lib/security/pam_unix.so use_first_pass auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so accountsufficient /lib/security/pam_winbind.so accountrequired /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth sessionrequired /lib/security/pam_stack.so service=system-auth sessionrequired /lib/security/pam_mkhomedir.so umask=0022 sessionoptional /lib/security/pam_console.so I copied this for a Winbind Howto. Thanks Roberto -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba groups
Hi Everyone :) I'm running Samba-2.2.8a on two PC'S. One PC call POSTA runs as a PDC. workgroup = SAMBANET netbios name = POSTA server string = Samba Server bind interfaces only = No security = USER encrypt passwords = Yes update encrypted = No allow trusted domains = Yes The second runs as a domain client workgroup = SAMBANET netbios name = ROBERTO-UX server string = Samba Client security = DOMAIN encrypt passwords = Yes obey pam restrictions = Yes pam password change = Yes I have winbind running on the client only. I've created 3 groups: Installation, storage and anonymous. I added myself (user:roberto) to each group. Than in a samba share, I added valid user @(each group). In doing so, I'm assuming that each group is a Global/Domain Group when I do wbinfo -g, I get the following [EMAIL PROTECTED] root]# /usr/local/samba/bin/wbinfo -g SAMBANET\Domain Admins SAMBANET\Domain Users Am I know supposed to see my three groups (Installation, storage and anonymous) I guess this is related, when I do a getent group, I do not see my 3 Domain Groups Second question. When I do a getent passwd, I see the all users, including those of my PDC SAMBANET. Yet when I do the following: [EMAIL PROTECTED] root]# /usr/local/samba/bin/wbinfo -s SAMBANET+roberto%barnburner Could not lookup sid SAMBANET+roberto%barnburner I can not log from my client computer using a domain user/password. Can anyone suggest where I'm going wrong? Thank You Roberto -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Setting Separate File server from Samba PDC
I'm aim to set up a file server that is separate from my SAMBA PDC. I've had no problem setting file server up, and joining it to he domain using smbpasswd. Can I use winbind with a SAMBA PDC or is it meant only for Windows NT servers. When creating shares on this file server, I need to allow permissions to various groups and or users. How can I do this. Do I need to set up NIS? Thank You in advance Roberto -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Setting Separate File server from Samba PDC
Then that explains it, I'm running version 2.27a-8.9.0 from Redhat 9.0. I'm going to download and install the latest Samba. Thanks Again Roberto On Wed, 2003-06-11 at 11:11, Vizitiu, Ciprian wrote: I'm aim to set up a file server that is separate from my SAMBA PDC. I've had no problem setting file server up, and joining it to he domain using smbpasswd. Can I use winbind with a SAMBA PDC or is it meant only for Windows NT servers. Not so long ago I posted the same question and someone sent me this patch. I was on RH 8.0 with 2.2.7 so I needed it. --- nmbd/nmbd_logonnames.c 30 Jan 2002 06:08:22 - 1.11 +++ nmbd/nmbd_logonnames.c 6 Oct 2002 09:58:09 - @@ -139,6 +139,7 @@ void add_logon_names(void) { struct subnet_record *subrec; + struct nmb_name nmbname; for (subrec FIRST_SUBNET; subrec; subrec NEXT_SUBNET_INCLUDING_UNICAST(subrec)) { @@ -146,7 +147,6 @@ if (work (work-log_state LOGON_NONE)) { - struct nmb_name nmbname; make_nmb_name(nmbname,global_myworkgroup,0x1c); if (find_name_on_subnet(subrec, nmbname, FIND_SELF_NAME) NULL) @@ -162,4 +162,6 @@ } } } + make_nmb_name(nmbname,global_myworkgroup,0x1c); + insert_permanent_name_into_unicast(FIRST_SUBNET, nmbname, 0x1c); } After this wbinfo started to work with SAMBA PDC. It was 2.2.7 from RH8... Well the patch worked with some small quirks but it can be done. Unfortunately I don't have the original mail so I can't tell you who he was ;-). I remember him telling me that in 2.2.8 things should be fixed so maybe the listers can tell you more about this. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and Winbind
Hello eveyone, Thanks in advance, for what every help you can provide me :) I'm trying to get Winbind to work at home, but I seem to be getting nowhere awfully fast. Here's my situation. I have a server (Redhat 9.0) called Mail... which acts as SAMBA PDC, NIS/NFS, MAIL, DNS and DHCP server. In addition, I have two other servers setup. 1 is an Windows 2000 standalone server, that I've setup for the moment to act as both a file server and print server. The machine account has been created on the domain. The second is a Redhat 9.0 file server. Also on that server (running Samba) I have a machine account created on the Domain. I have a 4th machine, with windows xp and Redhat workstation coexisting together. Both are registered with the Domain. I have no problem logging from both 2000 server or xp machine using a domain user. Because of NIS, I can also log to my Linux boxes with no problem. Where I do have a problem is sharing files on my Linux File server. I assume, because I can't get my Winbind to work, I can't properly share my files, since I can't access neither the Samba Users or groups. On the Domain server, I've created a group called storage, and added the user Roberto to that group. When I go to the file server, if I do ypcat group, I see the group I created (I updated the YP database) If I do ypcat passwd, I see the users I created on the main server. On this same file server I share a directory called storage. Here's an extract of my smb.conf file: [storage] path = /storage valid users = @storage write list = @storage read only = No Everytime I try to access this directory from Network neighborhood, it asks me to log on. I'm assuming that I need Winbind. I've tried installing it, Winbindd is running, I modified /etc/pam.d/logon file auth required pam_securetty.so auth required pam_stack.so service=system-auth auth required pam_nologin.so auth sufficientpam_winbind.so added auth required pam_deny.so added accountrequired pam_stack.so service=system-auth password required pam_stack.so service=system-auth sessionrequired pam_stack.so service=system-auth sessionoptional pam_console.so This is the conf for smb.conf [global] workgroup = SAMBANET netbios name = SERVER server string = Samba Server security = DOMAIN encrypt passwords = Yes obey pam restrictions = Yes password server = 192.168.1.3 pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* unix password sync = Yes log file = /var/log/samba/%m.log max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 preferred master = No domain master = No dns proxy = No wins server = 192.168.1.3 winbind uid = 1-2 winbind gid = 1-2 winbind separator = + winbind use default domain = Yes printing = cups [homes] comment = Home Directories valid users = %S read only = No create mask = 0664 directory mask = 0775 browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [storage] path = /storage valid users = @storage write list = @storage read only = No :) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba