RE: [SLE] Samba as PDC: My first time
Have you enabled the users that need access to the PDC? Here is how smbpasswd -e praise. This is after they have a passwd and userid. Also, you need a netlogon directory for a PDC. If you need any more help just let us know. Thanks! NeoFax -----Original Message----- From: Praise [mailto:praisetazio@tiscalinet.it] Sent: Thursday, September 27, 2001 11:40 PM To: suse-linux-e@suse.com Subject: [SLE] Samba as PDC: My first time I am trying to set up Samba as PDC for my small network for the first time. I have been following the "using samba" book instructions. My problem is that samba says "password incorrect". Obviously, it isnt, as I can access to smb share with that password. here it is the smb.log: [2001/09/27 23:28:44, 1] smbd/reply.c:reply_sesssetup_and_X(933) Rejecting user 'lorenzo': bad password [2001/09/27 23:31:34, 0] lib/util_sock.c:set_socket_options(151) Failed to set socket option SO_KEEPALIVE (Error Bad file descriptor) [2001/09/27 23:31:34, 0] lib/util_sock.c:set_socket_options(151) Failed to set socket option TCP_NODELAY (Error Bad file descriptor) [2001/09/27 23:34:34, 0] lib/util_sock.c:set_socket_options(151) Failed to set socket option SO_KEEPALIVE (Error Bad file descriptor) [2001/09/27 23:34:34, 0] lib/util_sock.c:set_socket_options(151) Failed to set socket option TCP_NODELAY (Error Bad file descriptor) [2001/09/27 23:35:04, 1] smbd/reply.c:reply_sesssetup_and_X(933) Rejecting user 'praise': bad password I do not understand what are the other errors, and I do not undertand why the password should be bad. If I use the passwords to mount filesystems on Linux I have no problem. The Client is Win98SE, and the passwords are all encrypted. Praise -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
Il 06:27, venerdì 28 settembre 2001, Milnes Terry SSgt 52 LG/LGOP ha scritto:
Have you enabled the users that need access to the PDC? Here is how smbpasswd -e praise. This is after they have a passwd and userid. Also, you need a netlogon directory for a PDC. If you need any more help just let us know. Thanks!
NeoFax
Yes those users are commonly enabled, and they can access to the samba server if their Windows 98 client is not using samba as PDC. I already got the netlogon share. I think I am missing something easy, but I do not know what. Praise
Do you have at /var/log/messages any PAM error ? If you're using encrypted passwords make sure that /etc/pam.d/samba includes this line : auth required /lib/security/pam_smb_auth.so Keep in mind that this PAM module *only* supports Authentification management. Logon will fail if you try to use this module in any other management area. also, make sure /etc/smb.conf includes these sentences : encrypt passwords = yes domain logons = yes domain master = yes valid users = < list of valid users here, can be a group of /etc/group > hope it helps =) Regards, -----Mensaje original----- De: Praise [mailto:praisetazio@tiscalinet.it] Enviado el: viernes, 28 de septiembre de 2001 10:28 Para: suse-linux-e@suse.com Asunto: Re: [SLE] Samba as PDC: My first time Il 06:27, venerdì 28 settembre 2001, Milnes Terry SSgt 52 LG/LGOP ha scritto:
Have you enabled the users that need access to the PDC? Here is how smbpasswd -e praise. This is after they have a passwd and userid. Also, you need a netlogon directory for a PDC. If you need any more help just let us know. Thanks!
NeoFax
Yes those users are commonly enabled, and they can access to the samba server if their Windows 98 client is not using samba as PDC. I already got the netlogon share. I think I am missing something easy, but I do not know what. Praise -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
Il 12:42, venerdì 28 settembre 2001, Josep Gaspar ha scritto:
Do you have at /var/log/messages any PAM error ?
If you're using encrypted passwords make sure that /etc/pam.d/samba includes this line :
auth required /lib/security/pam_smb_auth.so
Keep in mind that this PAM module *only* supports Authentification management. Logon will fail if you try to use this module in any other management area.
also, make sure /etc/smb.conf includes these sentences :
encrypt passwords = yes domain logons = yes domain master = yes valid users = < list of valid users here, can be a group of /etc/group >
hope it helps =)
My /etc/pam.d/samba does not include that line, moreover I do not have any "/lib/security/pam_smb_auth.so" in my system. I am using Suse 7.1, with the standard samba 2.0.7 My /etc/smb.conf is good, it includes those sentences. And no, /var/log/messages does not register any mistake about PAM while trying (and failing) to get in my domain. I am just curious: in swat, what is the "Client/Server Password Management"? Is that what I am missing? Praise
That's probably the reason you are having login problems. To use SMB encrypted passwords you must use pam_smb. Dont think there is any other way. I'm currently using SuSE 7.2, but I bet this package is also available in 7.1 distribution.do the following to configure it : - Run Yast,and install pam_smb package. You can find it under N (Network) Serie. - Edit /etc/pam.d/samba write in this line auth required /lib/security/pam_smb_auth.so - Edit /etc/pam_smb.conf as follows 1st file line -> YOUR_DOMAIN_NAME ( Your domain name ) 2nd file line -> PDC_SERVER_NAME ( Your PDC server name ) 3rd file line -> BDC_SERVER_NAME ( if applicable, if not, just blank ) - Add to smb user database all users you want to be able to log in to samba with smbadduser UNIX_USERNAME:SMB_USER_NAME - Finally, make sure that client's registry does NOT contain EnablePlainTextPassword = 1 At this point, you should be able to login in normally from any configured windoze box In case SuSE 7.1 didnt include pam_smb package, you can grab it here http://rpmfind.net/linux/SuSE-Linux/i386/7.1/full-names/i386/ hope it helps, Regards, Josep Gaspar -----Mensaje original-----
If you're using encrypted passwords make sure that /etc/pam.d/samba includes this line :
auth required /lib/security/pam_smb_auth.so
Keep in mind that this PAM module *only* supports Authentification management. Logon will fail if you try to use this module in any other management area.
My /etc/pam.d/samba does not include that line, moreover I do not have any "/lib/security/pam_smb_auth.so" in my system. I am using Suse 7.1, with the standard samba 2.0.7 Praise -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
Il 15:32, venerdì 28 settembre 2001, Josep Gaspar ha scritto:
That's probably the reason you are having login problems. To use SMB encrypted passwords you must use pam_smb. Dont think there is any other way. I'm currently using SuSE 7.2, but I bet this package is also available in 7.1 distribution.do the following to configure it :
- Run Yast,and install pam_smb package. You can find it under N (Network) Serie. - Edit /etc/pam.d/samba write in this line
auth required /lib/security/pam_smb_auth.so
- Edit /etc/pam_smb.conf as follows
1st file line -> YOUR_DOMAIN_NAME ( Your domain name ) 2nd file line -> PDC_SERVER_NAME ( Your PDC server name ) 3rd file line -> BDC_SERVER_NAME ( if applicable, if not, just blank )
- Add to smb user database all users you want to be able to log in to samba with
smbadduser UNIX_USERNAME:SMB_USER_NAME
- Finally, make sure that client's registry does NOT contain EnablePlainTextPassword = 1
It was not the problem. I have done what you have advised, but no difference. They can enter the shares, (so the password are correct and encrypted) but not the domain. Praise
It was not the problem. I have done what you have advised, but no difference. They can enter the shares, (so the password are correct and encrypted) but not the domain.
Praise
Moreover with that toy it refuses to let people access their shares with the usual password. I think it's because it looks for itself as a PDC but it does not find itself. My samba server is the only PDC in the network. Praise
;( well..., that's how I have my 7.2 box configured and working...only difference is samba package ( mine is version 2.2.0a ) I cant think about anything else atm...sorry. Got to leave the list for a while now...I'll let you know if there is something else that comes to my mind. Good luck Josep Gaspar
- Add to smb user database all users you want to be able to log in to samba with
smbadduser UNIX_USERNAME:SMB_USER_NAME
- Finally, make sure that client's registry does NOT contain EnablePlainTextPassword = 1
It was not the problem. I have done what you have advised, but no difference. They can enter the shares, (so the password are correct and encrypted) but not the domain. Praise -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
participants (3)
-
Josep Gaspar
-
Milnes Terry SSgt 52 LG/LGOP
-
Praise