By Date:	<-- -->
By Thread:	<-- -->

authentication problems

From: Benoit Callebaut <bc (at) cetic.be>
Date: Thu, 15 Jun 2006 09:39:40 +0200

Hello,
I have set up a samba server 3.1.2.
I want to run it as a PDC.
Final target is to use it with LDAP and Kerberos.

At the moment I use tdbsam as backend.

I have authentication problems. Everything is running, I have set the root password, I have created some user account on SAMBA and UNIX. I am lost. I followed the docs (Examples) except for the firewalling and BDC setup (I don't need it at the moment).

smbd, nmbd & winbind are running

I did the following tests:
smbclient //debdell/public
result OK. I can list the content of the share

net USER ADD <username>
result OK : output is : Added user<username>

smbclient -L localhost -U% result OK : I can see the server and the fact that the sever is the master for the workgroup I have set up.

wbinfo -u
result NOK: output is : Error looking up domain users

net rpc join -U administrator
Password:
Could not connect to server DEBDELL
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE

net rpc join -U root
Password:
Creation of workstation account failed
Unable to join domain CETIC1.

here is my smb.conf:

# Samba config file created using SWAT
# from 192.168.0.39 (192.168.0.39)
# Date: 2006/06/12 12:02:34

[global] netbios name = CETIC1 workgroup = CETIC1 server string = %h server (Samba %v) obey pam restrictions = Yes passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . security = user local master = yes domain master = yes domain logons = yes os level = 33 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 name resolve order = wins bcast hosts

add user script = /usr/sbin/useradd -m '%u' delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' add machine script = /usr/sbin/useradd -d /var/lib/nobody -g 100 -s /bin/false -M %u

       logon script = scripts\logon.bat
       logon path =
       logon drive = X:
       domain logons = Yes
       preferred master = Yes
       wins support = Yes
       domain logons = Yes
       dns proxy = No
       panic action = /usr/share/samba/panic-action %d
#       invalid users = root
       include = /etc/samba/dhcp.conf

       winbind separator = /
       winbind cache time = 10
       template shell = /bin/bash
       template homedir = /home/%D/%U
       winbind uid = 10000-20000
       winbind gid = 10000-20000
       winbind enum users = yes
       winbind enum groups = yes
       template shell = /bin/bash

[homes]
       comment = Home Directories
       create mask = 0700
       directory mask = 0700
       browseable = No

[printers]
       comment = All Printers
       path = /var/lib/samba/printers
       create mask = 0700
       printable = Yes
       browseable = No

[print$]
       comment = Printer Drivers
       path = /var/lib/samba/printers

[public]
       path = /var/lib/samba/public

[netlogon]
       comment = Network Logon Service
       path = /var/lib/samba/netlogon/%U
       valid users = %S
       read only = yes

[profiles]
path = /var/lib/samba/profiles
read only = no
create mask = 0600
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Follow-Ups:
- getpeername failed
  - From: Torsten Geile <zuhause (at) tippex.net>

Prev by Date: sid mapping
Next by Date: authentication problems with Samba 3.1.2
Previous by thread: Authentication problems
Next by thread: getpeername failed
Index(es):
- Main
- Thread