[Linuxtrent] Samba PDC -> samba client winbind

  • From: Stefano Bridi <stefano.bridi@xxxxxxxx>
  • To: LinuxTrent Mailing List <linuxtrent@xxxxxxxxxxxxx>
  • Date: Tue, 21 Dec 2004 11:21:12 +0100

After getting a Samba PDC (via LDAP) working [1] and connecting a few
Windows PCs to it, I wanted/needed to have a Linux machine authenticate
against it as well.
I have done this before, starting from what Diaolin wrote on the site:
http://www.linuxtrent.it/Members/diaolin/SambaWithoutUsers/view
but always with an NT4 PDC and never with a samba3 PDC

smb.conf is configured; in fact testparm returns:

Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions

# Global parameters
[global]
        display charset = ISO8859-15
        workgroup = miodominio
        server string = Samba Server %v
        security = DOMAIN
        obey pam restrictions = Yes
        log level = 9
        log file = /var/log/samba/%m.log
        max log size = 500
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = /etc/printcap
        os level = 40
        local master = No
        dns proxy = No
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template shell = /bin/bash
        winbind separator = +
        winbind use default domain = Yes

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No



nsswitch.conf is configured

passwd:     files winbind
shadow:     files
group:      files winbind

hosts:      files dns



/etc/pam.d/system-auth too (it is a CentOS3.1 (RedHat Enterprise 3))
^^^^^^^^^^^^^^^^^^^^^^
this file is the equivalent of Debian's common-* files and contains:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.

auth        required      /lib/security/$ISA/pam_env.so
auth        required      /lib/security/$ISA/pam_warn.so
auth        sufficient    /lib/security/$ISA/pam_winbind.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     sufficient    /lib/security/$ISA/pam_winbind.so
account     sufficient    /lib/security/$ISA/pam_unix.so
#account     required      /lib/security/$ISA/pam_unix.so

password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel/ umask=0027
session     optional      /lib/security/$ISA/pam_unix.so
############## end of file ##################################

Domain join done
net rpc join -S PDC -U Administrator


getent passwd
and
getent group
work

but I cannot connect to the machine over ssh:
in /var/log/messages I find:

pam_winbind[11420]: request failed: No such user, PAM error was 10, NT error was NT_STATUS_NO_SUCH_USER

and if I try su - utente as root
it prints on screen

Creating directory '/home/MIODOMINIO/utente'.
could not open session

pam_winbind[11711]: user 'utente' granted acces
su(pam_unix)[11711]: session opened for user ccr by root(uid=0)


In any case it does not create the home directory for me.

What did I forget this time?

bye
stef


[1] I still have some trouble with roaming profiles, but I'll get back
to you on that later....
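
Added example, not part of the original message: a simplified model of how Linux-PAM combines the control flags in the system-auth stack quoted above, showing that a failed "required" session module denies the session even after authentication succeeded. Which modules fail is a hypothetical input, and the model treats every module as plain success/failure (PAM_IGNORE and bracketed [value=action] controls are not modelled).

```python
# Added example (not from the original post): simplified Linux-PAM
# control-flag evaluation over the system-auth stack quoted above.
# SYSTEM_AUTH is a constructed copy: mail-wrapped lines re-joined,
# comment lines dropped, module directory prefix removed.
SYSTEM_AUTH = """\
auth     required   pam_env.so
auth     required   pam_warn.so
auth     sufficient pam_winbind.so
auth     sufficient pam_unix.so likeauth nullok use_first_pass
auth     required   pam_deny.so
account  sufficient pam_winbind.so
account  sufficient pam_unix.so
session  required   pam_limits.so
session  required   pam_mkhomedir.so skel=/etc/skel/ umask=0027
session  optional   pam_unix.so
"""

def parse(text):
    """Return {type: [(control, module, args), ...]} in file order."""
    stacks = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ptype, control, module, *args = line.split()
        stacks.setdefault(ptype, []).append((control, module, args))
    return stacks

def evaluate(stack, failing):
    """True if the stack succeeds; `failing` = modules assumed to fail."""
    failing = set(failing) | {"pam_deny.so"}   # pam_deny never succeeds
    required_failed = succeeded = False
    for control, module, _args in stack:
        ok = module not in failing
        if control == "sufficient":
            if ok and not required_failed:
                return True            # success ends the stack here
            continue                   # failure of "sufficient" is ignored
        if not ok and control == "requisite":
            return False               # fails immediately
        if not ok and control == "required":
            required_failed = True     # remembered, stack keeps running
        succeeded = succeeded or ok    # required/requisite/optional success
    return succeeded and not required_failed

STACKS = parse(SYSTEM_AUTH)

if __name__ == "__main__":
    print("auth, winbind fails:", evaluate(STACKS["auth"], {"pam_winbind.so"}))
    print("session, mkhomedir fails:", evaluate(STACKS["session"], {"pam_mkhomedir.so"}))
```
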
