Is there a reason nobody responded this message?
On 1/6/04 10:58 PM, Wm. Dean Dufresne [EMAIL PROTECTED] wrote:
I am setting up my first 3.0.1 installation. I am using Slackware 9.1, I am
trying to connect to a Windows 2000 Server. I do not need active directory
support (as far as I know). The server's function is a file server. So
Users need seamless authentication... of course. I do not have LDAP
installed. It's a plain server besides the 3ware RAID.
I compiled and installed samba 3.0.1, standard paths. I followed the howto
on the samba site.
It is %99 working. Smbd, nmbd, winbindd are all running.
#wbinfo -t
checking the trust secret via RPC calls succeeded
# wbinfo -p
Ping to winbindd succeeded on fd 4
Getent passwd, getent group works fine.
I can assign permissions to domain users like chown domain+user file
However when I try to connect from the PDC to the linux box with a domain
user account, it won't let me in.
The name of the PDC is w2ksrv1, and linux box is macfiles. The domain
is mac.
I was able to add a local user testuser and add it through smbpasswd, and
authenticate. And view shares, and go into the tmp share.
Conf file:
UW PICO(tm) 4.6
File: /usr/local/samba/lib/smb.conf
[global]
workgroup = MAC
winbind separator = +
idmap uid = 1-2
idmap gid = 1-2
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/winnt/%D/%U
template shell = /bin/false
server string = Samba Server
hosts allow = 192.168.1. 127.
load printers = yes
log file = /var/log/samba.%m
max log size = 50
security = user
password server = *
encrypt passwords = yes
socket options = TCP_NODELAY
; interfaces = 192.168.12.2/24 192.168.13.2/24
dns proxy = no
# Share Definitions
==
[homes]
comment = Home Directories
browseable = no
writable = yes
# This one is useful for people to share files
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
File Attributes:
# ls -la /lib/libnss_winbind.so*
-rwxr-xr-x1 root root19511 Jan 2 14:29
/lib/libnss_winbind.so*
lrwxrwxrwx1 root root 22 Jan 2 14:30
/lib/libnss_winbind.so.2 - /lib/libnss_winbind.so*
Was not able to configure SAMBA with the --with-pam switch.
Also I have no /etc/pam.d directory. ( is that bad?)
Winbind output:
/usr/local/samba/sbin/winbindd -i -d3
winbindd version 3.0.1 started.
Copyright The Samba Team 2000-2003
lp_load: refreshing parameters
Initialising global parameters
params.c:pm_process() - Processing configuration file
/usr/local/samba/lib/smb.conf
Processing section [global]
Processing section [homes]
Processing section [tmp]
adding IPC service
adding IPC service
added interface ip=192.168.1.20 bcast=192.168.1.255 nmask=255.255.255.0
added interface ip=192.168.1.20 bcast=192.168.1.255 nmask=255.255.255.0
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
resolve_lmhosts: Attempting lmhosts lookup for name MAC0x1c
resolve_wins: Attempting wins lookup for name MAC0x1c
resolve_wins: WINS server resolution selected and no WINS servers listed.
resolve_hosts: Attempting host lookup for name MAC0x20
rpc_dc_name: Returning DC W2KSRV1 (192.168.1.10) for domain MAC
IPC$ connections done by user MAC\DOMAIN ADMIN
Connecting to host=W2KSRV1
Connecting to 192.168.1.10 at port 445
Doing spnego session setup (blob length=112)
got OID=1 2 840 48018 1 2 2
got OID=1 2 840 113554 1 2 2
got OID=1 2 840 113554 1 2 2 3
got OID=1 3 6 1 4 1 311 2 2 10
got principal=w2ksrv1$@full domain name
Got challenge flags:
Got NTLMSSP neg_flags=0x60890215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60080215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60080215
add_trusted_domain: MAC is a native mode domain
Added domain MAC
scanning trusted domain list
rpc: trusted_domains
rpc_dc_name: Returning DC W2KSRV1 (192.168.1.10) for domain MAC
IPC$ connections done by user MAC\DOMAIN ADMIN
Connecting to host=W2KSRV1
Connecting to 192.168.1.10 at port 445
Doing spnego session setup (blob length=112)
got OID=1 2 840 48018 1 2 2
got OID=1 2 840 113554 1 2 2
got OID=1 2 840 113554 1 2 2 3
got OID=1 3 6 1 4 1 311 2 2 10
got principal=w2ksrv1$@full domain name
Got challenge flags:
Got NTLMSSP neg_flags=0x60890215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60080215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60080215
scanning trusted domain list
rpc: trusted_domains
The Win2k active directory domain name is actually a SUB domain so,
mac.fulldomain.com. Which is non-standard I believe, FYI.
When the windows system tries to connect here is the log:
# tail -f /var/log/samba.w2ksrv1
[2004/01/03 14:05