I have set up samba to be a AD member and no other linux boxes. It worke=
I set up samba to be a PDS with no other linux boxes. It worked well.

Now, I need to make a samba client that works with the samba PDS. I can joi=
the domain. winbind can list users and such. getent doesnt work.

I can see the authentication succeeding on the PDS but I cant access any
shares. smbclient -L DOMAIN shows all the shares.

I just cant seem to authenticate except as root.

I realize that this PDC is not AD so i dont need krb but I dont know what I
need to authenticate between the samba machines. I thought this was going
to be easy.

Here is my PDC smb.conf

# PDC Samba Configuration File
# by Lorenzo Allori
# To be edited and then copied to /usr/local/samba/lib/smb.conf


netbios name =3D SERENITY
workgroup =3D SERENITY
log level =3D 2
log file =3D /var/log/samba/sambapdc.log
security =3D share
;invalid users =3D root
interfaces =3D
security =3D user
server string =3D %h server (Samba %v)
syslog only =3D no

# Performance tuning
# Remember to increase or decrease by 1024 SO_SNBUF and SO_RCVBUF


# If you are accessing by multiple users to a single MSAccess File (*.mdb)
# Uncomment theese two lines about oplocks you have to disable them.
# oplocks =3D False
# level2oplocks =3D False

encrypt passwords =3D yes

# NT Domain Section
wins support =3D yes
os level =3D 34
domain master =3D yes
local master =3D yes
preferred master =3D yes
domain logons =3D yes

logon script =3D logon.bat
# Where the scripts resides.
logon path =3D \\SERENITY\profiles\%u
# Where the profiles are
logon home =3D \\SERENITY\home\samba\users\%u

name resolve order =3D lmhosts host wins bcast
dns proxy =3D no

smb passwd file =3D /usr/local/samba/private/smbpasswd

# Uncomment this lines only if you know what you are doing.

# unix password sync =3D yes
# passwd program =3D /usr/bin/passwd %u
# passwd chat =3D *Enter\snew\sUNIX\spassword:*\
# %n\n *Retype\snew\sUNIX\spassword:* %n\n .

# How long do you want the samba log file to be?
max log size =3D 2000

time server =3D yes

path =3D /home/samba/netlogon
public =3D no
writeable =3D no
browsable =3D no
read only =3D yes
write list =3D administrator

create mode =3D 0600
directory mode =3D 0700
path =3D /home/samba/profiles
;profile acls =3D yes
read only =3D no
writable =3D yes
browseable =3D no

And this works fine with windows boxes. Roaming profiles and the whole bit.

here is my member smb.conf

workgroup =3D SERENITY
security =3D domain
password server =3D *
hosts allow =3D 192.168.1., 192.168.3., 127.
load printers =3D yes
printing =3D cups
printcap name =3D cups
comment =3D All Printers
path =3D /var/spool/samba
browseable =3D no
public =3D yes
guest ok =3D yes
writable =3D no
printable =3D yes
printer admin =3D root, @"SERENITY\domain"
comment =3D Printer Drivers
path =3D /var/lib/samba/printers
browseable =3D yes
read only =3D yes
guest ok =3D no
write list =3D root
path =3D /shares
public =3D Yes
read only =3D no
browseable =3D Yes
valid users =3D @"SERENITY\users"
comment =3D Home Directories
read only =3D No
browseable =3D Yes
valid users =3D %D+%S
create mode =3D 0664

Is there someting I need to change to in nsswitch.conf or /etc/pam.d/samba.
Another way to authenticate?

I hope someone can point me in the right direction.
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba