Colin Devine on 31 Mar 2004 16:51:02 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] HELP !! Samba as part of an Existing Domain


Hello,

I would check winbind first. Is it in your smb.conf? Is it running? What is the output of wbinfo -u?

The samba docs are pretty decent for recent versions (you may want to consider upgrading to samba 3). See http://us1.samba.org/samba/docs/man/

--Colin Devine

Jesse Huestis wrote:
Hi::

To put it bluntly, I am a little in over my head. I am still not a Linux vet but any standard. I can do an install, I can even trouble shoot a number of situations, but I am having trouble with this one and am rapidly running out of options to try. Facts:

An existing NT Domain which must remain for at least six months.
A new SuSE 8.0 Standard server
Samba 2.x, using OpenLDAP and now PAM-SAMBA

Root mapped users have no issue connecting. I created a share which points to the documentation directory (separate form the main /home share) and anyone connects to it fine. In logging user access, I get an error connecting to the PDC indicating I do bit have a trust account, but I have joined the domain from the Linux side. The error in authenicating is NT_AUTH_OK or something close to that.

Things I did which may have messed things up are, I removed the Group Shares created by default and recreated them in the Samba section under /home/shares . I additionally set and then removed some recurive rights to the group Users and then readded them as regular non recursive rights. Lastly, I added pam_samba, after all else fails.

User can browse teh shares, but not get authenticated to them with the exception of the docs share which everyone has access to

I really think there are really two issues. The first is the communications with the existing PDC, which is not being passed correctly on either the PDC SAM side or teh LDAP side. The second issue may be a Linux rights issue. Here I know how to use CHOW and CHMOD, but don't fully understand the impact. Is there additional layers of security..

Things I am investigating today,:

1) Whether or not Winbind is in use and if so correctly/

2) Pam_samba settings

3) Usermaps as the user names on the PDC are not setup to a clear standard

PLease let me know any additional ideas.

Sincerely,

Jesse

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug