HaMBoNE79
2008-05-28, 04:14 PM CDT
I need a little Samba help...
I have a file server that is a member of a domain and authenticates using Active Directory. The authentication for users on the domain is working fine, but I can not authenticate a Samba user (created with smbpasswd) from any other machine on the network. I can, however, authenticate the samba user from the server if I pass it the the user name in the form "LINUX_SERVER/username". If I try this with Windows XP, it keeps prompting me for a password.
I really need to get this working because the local user is a user that does not exist in the AD, but is required for the corporate administrators to push updates to servers in the company.
Here is a copy of my smb.conf file:
[global]
winbind offline logon = yes
#ldap ssl = no
idmap gid = 10000-500000
#obey pam restrictions = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 IPTOS_LOWDELAY SO_KEEPALIVE
wins server = XXX.XXX.XXX.XXX
domain master = No
realm = DOMAIN.COM
winbind use default domain = yes
veto files = /.undelete/.*/
template shell = /bin/bash
unix extensions = No
unix password sync = Yes
server string = Engineering file server
idmap uid = 10000-500000
password server = XXX.XXX.XXX.XXX
local master = No
template homedir = /home/shares/cal_homes/%U
workgroup = DOMAIN
valid users = DOMAIN+%U, DOMAIN2+%U, LINUX_SERVER+%
security = ADS
preferred master = No
winbind separator = +
winbind cache time = 21600
winbind refresh tickets = Yes
idmap cache time = 21600
#encrypt passwords = Yes
#winbind enable local accounts = no
#oplocks = no
#level2 oplocks = Yes
#share modes = yes
#max smbd processes = 5000
[ptc]
path = /home/shares/ptc
write list = @DOMAIN\DOMAIN_PROE_ADMIN, proe_install, testuser
read only = Yes
locking = Yes
share modes = yes
I have a file server that is a member of a domain and authenticates using Active Directory. The authentication for users on the domain is working fine, but I can not authenticate a Samba user (created with smbpasswd) from any other machine on the network. I can, however, authenticate the samba user from the server if I pass it the the user name in the form "LINUX_SERVER/username". If I try this with Windows XP, it keeps prompting me for a password.
I really need to get this working because the local user is a user that does not exist in the AD, but is required for the corporate administrators to push updates to servers in the company.
Here is a copy of my smb.conf file:
[global]
winbind offline logon = yes
#ldap ssl = no
idmap gid = 10000-500000
#obey pam restrictions = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 IPTOS_LOWDELAY SO_KEEPALIVE
wins server = XXX.XXX.XXX.XXX
domain master = No
realm = DOMAIN.COM
winbind use default domain = yes
veto files = /.undelete/.*/
template shell = /bin/bash
unix extensions = No
unix password sync = Yes
server string = Engineering file server
idmap uid = 10000-500000
password server = XXX.XXX.XXX.XXX
local master = No
template homedir = /home/shares/cal_homes/%U
workgroup = DOMAIN
valid users = DOMAIN+%U, DOMAIN2+%U, LINUX_SERVER+%
security = ADS
preferred master = No
winbind separator = +
winbind cache time = 21600
winbind refresh tickets = Yes
idmap cache time = 21600
#encrypt passwords = Yes
#winbind enable local accounts = no
#oplocks = no
#level2 oplocks = Yes
#share modes = yes
#max smbd processes = 5000
[ptc]
path = /home/shares/ptc
write list = @DOMAIN\DOMAIN_PROE_ADMIN, proe_install, testuser
read only = Yes
locking = Yes
share modes = yes