RE: [Samba] system-auth-winbind
This is a discussion on RE: [Samba] system-auth-winbind within the Samba forums, part of the Networking and Network Related category; WOOO HOOOO!!!! sorry, got a little excited. I finally realized what I needed to do inorder to get Samba to ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-11-2006
|
|||
|
|||
RE: [Samba] system-auth-winbind
WOOO HOOOO!!!!
sorry, got a little excited. I finally realized what I needed to do inorder to get Samba to allow me = access to the home folder share. Under [homes], I changed "valid users =3D %S" to "valid users =3D = %D\%S". And it finally let me right in, I had to do the same for "write = list =3D %S". PLUS, I also left /etc/pam.d/samba with the contents of = /etc/samba/system-auth-winbind. Also I found out on my setup that if you belong to more than one group, = "Domain Users" might not be of use. I had to specify a particular = group(s) for the permissions to work. -----Original Message----- From: samba-bounces+ggutierrez=3Dmarketscan.com@lists.samba.or g [mailto:samba-bounces+ggutierrez=3Dmarketscan.com@lists.samba.or g]On Behalf Of Guillermo Gutierrez Sent: Friday, March 10, 2006 11:49 AM To: samba@lists.samba.org Subject: RE: [Samba] system-auth-winbind I really would like to be able to use samba with ADS/kerberos/PAM domain = authentication. ADS/kerberos/PAM domain authentication works with SSH now, it works if I = login on the console with a domain account, but it wont work if I try to = vavigate to the Samba shares by UNC path. Please, someone take a look at the info below and let me know what I am = doing wrong or of you need more info. -----Original Message----- From: samba-bounces+ggutierrez=3Dmarketscan.com@lists.samba.or g [mailto:samba-bounces+ggutierrez=3Dmarketscan.com@lists.samba.or g]On Behalf Of Guillermo Gutierrez Sent: Thursday, March 09, 2006 12:59 PM To: samba@lists.samba.org Subject: [Samba] system-auth-winbind I found this file in the /etc/samba directory: system-auth-winbind It looks like it has been setup to be used by samba for pam. Does anyone = know if that is what it is for? I tried to copy the contents into the /etc/pam.d/samba file but I still = could not get access to the Home directory navigating to it = \\Solidus\<userhome>. This is the only thing that I cannot get working.=20 SSH works with pam now, logging in to the console with domain profiles = with pam works now. Navigating to the samba shares only works with the public folder, not = the home directory. Here is my /etc/pam.d/samba contents: #%PAM-1.0 # $Header: = /var/cvsroot/gentoo/src/patchsets/samba/configs/system-auth-winbind,v = 1.1 2005/08/09 12:56:26 seemant Exp $ auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_winbind.so auth sufficient /lib/security/pam_unix.so likeauth nullok = use_first_pass auth required /lib/security/pam_deny.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_unix.so password required /lib/security/pam_cracklib.so retry=3D3 password sufficient /lib/security/pam_unix.so nullok use_authtok = md5 shadow password required /lib/security/pam_deny.so session required /lib/security/pam_mkhomedir.so = skel=3D/etc/skel/ umask=3D0077 session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so and here is my smb.conf: # Samba config file created using SWAT # from 10.11.7.56 (10.11.7.56) # Date: 2006/03/08 06:09:01 [global] workgroup =3D MARKETSCAN realm =3D MARKETSCAN.COM server string =3D %h, Samba Server %v interfaces =3D lo, eth0 bind interfaces only =3D Yes security =3D ADS password server =3D nostradamus, nostradamus_ii log level =3D 5 log file =3D /var/log/samba/log.%m max log size =3D 50 socket options =3D TCP_NODELAY SO_RCVBUF=3D32768 = SO_SNDBUF=3D32768 load printers =3D No disable spoolss =3D Yes os level =3D 2 domain master =3D No preferred master =3D No local master =3D No dns proxy =3D No wins proxy =3D No wins server =3D 10.11.3.198 ldap ssl =3D No idmap uid =3D 10000-20000 idmap gid =3D 10000-20000 template shell =3D /bin/bash template home dir =3D /home/%D/%U winbind use default domain =3D Yes [public] comment =3D %h Public Share Directory path =3D /home/samba/public valid users =3D "@MARKETSCAN\Domain Users" write list =3D "@MARKETSCAN\Domain Users" read only =3D No map readonly =3D no [homes] comment =3D Home directory for %U #path =3D /home/%D/%U valid users =3D %S write list =3D %S read only =3D No hide dot files =3D No map readonly =3D no browseable =3D No Please let me know what I have misconfigured or not configured. thanks, Guillermo Gutierrez Development Systems Engineer Market Scan Information Systems (818) 575-2000 x2427 ggutierrez@marketscan.com --=20 To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba --=20 To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
Linear Mode
