Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 01-19-2006, 09:32 AM   #1
LQ Newbie
Registered: Aug 2004
Location: Fairfax, VA
Distribution: SUSE LINUX Professional 9.1
Posts: 6

Rep: Reputation: 0
Samba 3.0.21a and Samba Domain Member Servers in a Windows 2003 ADS Domain

So, yeah... I've referenced the Samba documentation nearly non-stop
over the course of the last couple of days, and while I've managed to
iron out most of the issues in my samba implementation, there are a few
nagging, persistent, completely frustrating issues that I can't fix.

My infrastructure consists of 2 Windows 2003 Domain Controllers and 2
Windows 2003 Member Servers. I'm trying to introduce two Linux/Samba
Member Servers into the environment. I've managed to get them to added
into the domain without issues, apparently with kerberos working.
wbinfo -g/-u/-t all work without incident on each box. smbclient -L
\\servername -k transparently authenticates as my local username and
displays all the shares on the server... in short... everything is
apparently working...

What's not working:

1. I can't get access to the samba box unless an account exists in
smbpasswd. This seems silly seeing as the server is supposed to be
doing authentications to the active directory. If this is the way
things are supposed to work, I must say I'm wholly disappointed. My
desired operation is to not have to worry about local user
administration on the samba box at all to get access to shares.

2. mapping root to domain\administrator doesn't seem to behave as
expected either. I have no explanation for this. Logged in as
administrator into one of the domain controllers, I am denied access to
shares available on the samba boxes.

3. access to printer and print queue administration does not work.
users are not able to connect. Administrators are able to connect, but
are unable to manage print jobs.

I'm sure there's other stuff... I typed a much more comprehensive set
of issues last night into linux.samba and my post was denied without
giving me back the whole of my original post...sigh... Here's my
configuration files that I'm pretty sure are applicable. I'll add
issues as I rediscover them to this thread... Any help or ideas are
greatly appreciated...


unix charset = LOCALE
workgroup = MYDOMAIN
server string = SERVERNAME
security = ADS
username map = /etc/samba/smbusers
log level = 5
syslog = 0
log file = /var/log/samba/%m
max log size = 50
ldap ssl = no
idmap uid = 500-10000000
idmap gid = 500-10000000
printing = cups
printcap name = cups
load printers = yes
printcap cache time = 750
cups options = raw
include = /etc/samba/dhcp.conf
wins proxy = yes
dns proxy = yes
name resolve order = wins hosts lmhosts bcast
# wins server = assigned by dhcp
domain master = no
local master = yes
preferred master = no
os level = 34
use kerberos keytab = Yes
winbind separator = +
winbind use default domain = Yes
winbind nested groups = Yes
winbind enum users = yes
winbind enum groups = yes
comment = Home Directories
valid users = %S
browseable = No
read only = No
inherit acls = Yes
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
comment = All Printers
path = /var/spool/samba
public = yes
guest ok = yes
printer admin = root, @ntadmins
printable = Yes
browseable = No
use client driver = Yes
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775


root = MYDOMAIN\Administrator
Old 01-21-2006, 11:08 AM   #2
LQ Newbie
Registered: Aug 2004
Location: Fairfax, VA
Distribution: SUSE LINUX Professional 9.1
Posts: 6

Original Poster
Rep: Reputation: 0
okay... so where do I go to get help on stuff like this? Already tried iRC and Usenet... I guess I should take consolation in the fact that the problems I have are so complicated no one knows how to solve them...
Old 01-24-2006, 03:38 PM   #3
LQ Newbie
Registered: Aug 2004
Location: Fairfax, VA
Distribution: SUSE LINUX Professional 9.1
Posts: 6

Original Poster
Rep: Reputation: 0
bump bump bump
Old 04-09-2006, 08:26 PM   #4
Registered: Feb 2002
Location: Vermont
Distribution: Fedora Cores
Posts: 39

Rep: Reputation: 15
Isnt there supposed to be a "password server" entry in the smb.conf referring to your Active Directory DC? Also, did you check the logs in /var/log/samba/* I had to tail these logs while I tried stuff to see what was going on. Especially the winbindd log. Also, I take it your getent works ok?

Last edited by chosmer; 04-09-2006 at 08:38 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
samba server in windows 2003 domain aizkorri Linux - Networking 1 04-07-2005 10:36 AM
Samba as a Windows 2003 ADS member bigdumbchimp Linux - Networking 0 09-16-2004 10:22 PM
Samba joinng to windows 2003 domain subzero80 Linux - Networking 2 05-26-2004 10:59 AM
Samba as a member of a Windows Domain cjmaxey Linux - Newbie 4 02-03-2003 08:13 PM
setup samba as Windows Domain Member ateh Linux - Networking 4 06-06-2002 03:53 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:40 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration