LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-06-2014, 11:26 AM   #1
Deaner13
LQ Newbie
 
Registered: Aug 2014
Posts: 2

Rep: Reputation: Disabled
Running Samba 3.5.10 with DOMAIN authentication- RHEL5.8


Hey all,

New here and I'm hoping someone can help me figure out this annoying problem I've been having.

I am trying to get a Samba server relocated off of my personal work computer onto one of the servers so that it can be used by everyone with out being affected by what I am doing.

My computer is running RHEL 5.10 with Samba3.6.6 and the server is running RHEL 5.8 with Samba 3.5.10. I am unable to update the RHEL or Samba version on the server as it hosts other services that I can't afford to break.

Here's the problem: My computer, LinuxPC, is able to run a Samba server with DOMAIN authentication with out any problem. LinuxSERVER is able to run a Samba server, but it cannot use our domain controller for authentication, only local Samba accounts. I don't want to have to create 1500 new account just for this tool.

Both of the instances of Samba are running off of the same smb.conf except I've changed the "server string" and "interfaces" to match the correct settings. They are both joined to the domain using "net rpc join domain" and running wbinfo -u and wbinfo -g provides the correct response on each computer.

When I attempt to log on to LinuxSERVER from my Windows computer it says invalid username/password although the same username/password work on LinuxPC.

Here's the smb.conf for LinuxSERVER (samba 3.5.10):
Code:
[global]
	workgroup = MYDOMAIN
	realm = MYDOMAIN.COMPANY.COM
	server string = AS4 Samba Server
	interfaces = xx.xxx.xx.62/255.255.255.0
	security = DOMAIN
	password server = xx.xxx.x.52
	client NTLMv2 auth = Yes
	log level = 10
	log file = /etc/samba/samba.log
	name resolve order = wins bcast hosts
	load printers = No
	add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
	os level = 8
	domain master = No
	wins server = xx.xxx.x.52
	ldap ssl = no
	idmap alloc backend = tdb
	template homedir = /home/winnt/%D/%U
	template shell = /bin/bash
	winbind nss info = rfc2307
	idmap config *:backend = tdb
	idmap config *:range = 70001-80000
	idmap config SAMDOM:backend = ad
	idmap config SAMDOM:schema_mode = rfc2307
	idmap config SAMDOM:range = 500-40000
	hosts allow = xx.xx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx.


[home]
	path = /export/home/
	read only = No
	guest ok = Yes

[tmp]
	path = /tmp
	read only = No
	guest ok = Yes

[cadtools]
	path = /cadtools
	guest ok = Yes

[Projects]
	comment = Projects Directory
	path = /projects
	force group = +Colorado
	read only = No
	create mask = 0775
	directory mask = 0775
	hosts allow = xx.xxx., xx.xxx
And the smb.conf for LinuxPC: (samba 3.6.6)
Code:
 
[global]
	workgroup = MYDOMAIN
	realm = MYDOMAIN.COMPANY.COM
	server string = Colorado Linux Samba Server
	interfaces = xx.xxx.xx.29/255.255.255.0
	security = DOMAIN
	password server = xx.xxx.xx.52
	log level = 10
	log file = /etc/samba/samba.log
	name resolve order = wins bcast hosts
	load printers = No
	add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
	os level = 8
	domain master = No
	wins server = xx.xxx.xx.52
	ldap ssl = no
	template homedir = /home/winnt/%D/%U
	template shell = /bin/bash
	winbind nss info = rfc2307
	idmap config *:range = 70001-80000
	idmap config SAMDOM:backend = ad
	idmap config SAMDOM:schema_mode = rfc2307
	idmap config SAMDOM:range = 500-40000
	idmap config * : backend = tdb
	hosts allow = xx.xx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx., xx.xxx.


[tmp]
	path = /tmp
	read only = No
	guest ok = Yes

[cadtools]
	path = /cadtools
	guest ok = Yes

[Projects]
	comment = Projects Directory
	path = /projects
	force group = +Colorado
	read only = No
	create mask = 0775
	directory mask = 0775
	hosts allow = xx.xxx., xx.xxx

[home]
	path = /export/home
	read only = No

I can't figure it out. I've tried everything I have been able to Google up, but with out being able to update Samba I'm not sure what to do.

Last edited by Deaner13; 08-06-2014 at 11:28 AM. Reason: oops on the code tags
 
Old 08-08-2014, 06:14 PM   #2
dijetlo
Senior Member
 
Registered: Jan 2009
Location: RHELtopia....
Distribution: Solaris 11.2/Slackware/RHEL/
Posts: 1,491
Blog Entries: 2

Rep: Reputation: Disabled
if SAMBA is running as a DC in an environment that has a PDC it would not disturb that structure and the domain accounts should be replicated to the Samba server from the PDC. assuming the replication process supports LDAP
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba. Cross domain authentication Felipe Linux - Server 2 02-12-2013 03:15 AM
Is it possible to use kerberos for samba authentication without a domain? a2brute Linux - Server 1 10-15-2010 07:30 AM
Samba authentication using a windows domain controller _os_ Linux - Server 4 08-05-2009 05:50 AM
Samba and ADS domain authentication Linux_Newbie_se Linux - Networking 1 05-19-2004 06:34 PM
Samba authentication in W2k Domain ixion Linux - Networking 7 02-18-2003 08:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration