LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   SUSE 9.1 joinn windows NT 4.0 domain (https://www.linuxquestions.org/questions/linux-networking-3/suse-9-1-joinn-windows-nt-4-0-domain-209837/)

sunburntkamel 07-26-2004 11:30 AM
SUSE 9.1 joinn windows NT 4.0 domain
 
I'm trying to get a SUSE 9.1 workstation to join my windows domain, using logins from my windows domains. this might be foolish, or it might be something better attempted with xandrOS, but here's what i've encountered so far:

users from my domain show up in the login box, but when i attempt to login with those users, i get a box that says "xsession: login for domain\user is disabled" and has an "okay" button.

i found this thread:
http://lists.suse.com/archive/suse-l...-Dec/1633.html
and i made those changes.

now i can log in fine, but when KDE attempts to start up i get three errors:

/home/usr/.DCOPserver_k2node-16__0 check to see if your DCOPserver is running

"Will not save configuration
Configuration file "/home/usr/.kde/share/config/kwinrc" not writable

Configuration file "/home/usr/.kde/share/config/kdeglobals" not
writable

Please contact your system admin."

$HOME is not writable

in theory,
chown -R youruser:yourgroup /home/usr/.kde
should fix that, but since these are domain users, they have no local files, and i can't change permissions to those users, since they don't exist locally.

the reason i'm trying to do this is so that the users won't have to repeatedly authenticate when they want to browse network resources. if there's a better way to do this, that would be useful, too.

sunburntkamel 07-27-2004 12:21 PM
update
 
ok.. i was able to do
chown -R DOMAIN\user:DOMAIN\group /home/group/usr/.kde
which fixed the errors inside of .kde

also, in /etc/pam.d/login

template homedir=/home/%D+%U

should have been

template homedir=/home/%D/%U

but i still get
"could not read network connection list
...
please check that .DCOPserver is running"

jrmann1999 07-27-2004 12:38 PM
Your issue revolves around domain user and group mapping. You have to explictly map your NT users to linux users(same with groups) instead of just chowning the individual directories. NT domain ids are really weird strings(S-1-2-000-...) that obviously linux doesn't understand. Go look in samba documentation for "domain group maps" and "domain user maps".

sunburntkamel 07-27-2004 02:00 PM
Quote:
Originally posted by jrmann1999
Your issue revolves around domain user and group mapping. You have to explictly map your NT users to linux users(same with groups) instead of just chowning the individual directories.
isn't that what winbind is doing? i'm not so concerned with whether NT users have rights over local files, as whether local users have access to files on the server. the person who will use this computer isn't very tech-savvy, and i don't want him to have to log in to the server every time. at the very least, the statement is backwards, the linux users need to be mapped to NT users. it's the NT server that needs to know who is attempting to access files. i'll look into it.

p.s. that's the most obnoxious signature i've ever seen

jrmann1999 07-27-2004 02:13 PM
The sig comes from before LQ had an affero button. Thanks for noticing, I removed it...


All times are GMT -5. The time now is 12:53 PM.