Re: [PLUG] HELP !! Samba as part of an Existing Domain

Colin Devine on 31 Mar 2004 16:51:02 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] HELP !! Samba as part of an Existing Domain

From: Colin Devine <devinec@sas.upenn.edu>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] HELP !! Samba as part of an Existing Domain

Date: Wed, 31 Mar 2004 11:50:15 -0500

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031016

Hello,

I would check winbind first. Is it in your smb.conf? Is it running? What is the output of wbinfo -u?

The samba docs are pretty decent for recent versions (you may want to consider upgrading to samba 3). See http://us1.samba.org/samba/docs/man/

--Colin Devine

Jesse Huestis wrote:
Hi::

To put it bluntly, I am a little in over my head. I am still not a Linux vet but any standard. I can do an install, I can even trouble shoot a number of situations, but I am having trouble with this one and am rapidly running out of options to try. Facts:

An existing NT Domain which must remain for at least six months. A new SuSE 8.0 Standard server Samba 2.x, using OpenLDAP and now PAM-SAMBA

Root mapped users have no issue connecting. I created a share which points to the documentation directory (separate form the main /home share) and anyone connects to it fine. In logging user access, I get an error connecting to the PDC indicating I do bit have a trust account, but I have joined the domain from the Linux side. The error in authenicating is NT_AUTH_OK or something close to that.

Things I did which may have messed things up are, I removed the Group Shares created by default and recreated them in the Samba section under /home/shares . I additionally set and then removed some recurive rights to the group Users and then readded them as regular non recursive rights. Lastly, I added pam_samba, after all else fails.

User can browse teh shares, but not get authenticated to them with the exception of the docs share which everyone has access to

I really think there are really two issues. The first is the communications with the existing PDC, which is not being passed correctly on either the PDC SAM side or teh LDAP side. The second issue may be a Linux rights issue. Here I know how to use CHOW and CHMOD, but don't fully understand the impact. Is there additional layers of security..

Things I am investigating today,:

1) Whether or not Winbind is in use and if so correctly/

2) Pam_samba settings

3) Usermaps as the user names on the PDC are not setup to a clear standard

PLease let me know any additional ideas.

Sincerely,

Jesse

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

RE: [PLUG] May's Iptables talk
From: <rekaye1005@earthlink.net>

[PLUG] HELP !! Samba as part of an Existing Domain
From: Jesse Huestis <jhuestis@comcast.net>

Prev by Date: Re: [PLUG] UTF-8, Second Opinion

Next by Date: Re: [PLUG] UTF-8, Second Opinion

Previous by thread: [PLUG] HELP !! Samba as part of an Existing Domain

Next by thread: RE: [PLUG] May's Iptables talk

Index(es):

Date

Thread