W2K3 to Samba 2.2.7a - SMB

This is a discussion on W2K3 to Samba 2.2.7a - SMB ; I'm running a W2K3 AD domain: w2k3dom.internal Domain is running in domain functional level Windows Server 2003 Forest is running in forest functional level Windows Server 2003 My DNS server is: 10.20.1.100 My WINS server is: 10.20.1.100 My server name ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: W2K3 to Samba 2.2.7a

  1. W2K3 to Samba 2.2.7a

    I'm running a W2K3 AD domain: w2k3dom.internal
    Domain is running in domain functional level Windows Server 2003
    Forest is running in forest functional level Windows Server 2003
    My DNS server is: 10.20.1.100
    My WINS server is: 10.20.1.100
    My server name is: dc1site1 (10.20.1.100)
    My Linux workstation name is: linux

    I can successfully ping dc1site1 from my Linux workstation.
    I can successfully ping my Linux workstation from my W2K3 server
    The Linux workstation appears in the browse list on my W2K3 server, but no
    shares are visible
    The Linux workstation appears correctly in DNS and WINS on my W2K3 server.

    I try to map a drive from W2K32 to Samba with:
    net use * \\linux\sambaroot
    I am prompted for a Linux username. I use root
    I am prompted for a password. I use the root password
    I get "System error 1326 Logon failure: unknown user name or bad password"
    On the Linux machine, the .log file contains the following:
    smbd/password.c:domain_client_validate(1556) domain_client_validate: could
    not fetch trust account password for domain W2K3DOM
    immediately followed by:
    passdb/pdb_smbpasswd.c: pdb_getsampwnam(1369) unable to open passdb database

    My smb.conf is as follows:
    [global]
    workgroup = W2K3DOM
    server string = Samba server
    security = DOMAIN
    encrypt passwords = yes
    smb passwd file = /etc/samba/smbpasswd
    pam password change = yes
    obey pam restrictions = yes
    socket options = TTCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    wins server = 10.20.1.100
    password server = dc1site1.w2k3dom.internal
    dns proxy = no
    [sambaroot]
    path = /shares/sambaroot
    writeable = yes
    guestok = yes

    Any assistance appreciated.



  2. Re: W2K3 to Samba 2.2.7a


    "Linux Newbie" wrote in message
    news:jSdzb.37130$aT.23421@news-server.bigpond.net.au...
    > I'm running a W2K3 AD domain: w2k3dom.internal
    > Domain is running in domain functional level Windows Server 2003
    > Forest is running in forest functional level Windows Server 2003
    > My DNS server is: 10.20.1.100
    > My WINS server is: 10.20.1.100
    > My server name is: dc1site1 (10.20.1.100)
    > My Linux workstation name is: linux
    >
    > I can successfully ping dc1site1 from my Linux workstation.
    > I can successfully ping my Linux workstation from my W2K3 server
    > The Linux workstation appears in the browse list on my W2K3 server, but no
    > shares are visible
    > The Linux workstation appears correctly in DNS and WINS on my W2K3 server.
    >
    > I try to map a drive from W2K32 to Samba with:
    > net use * \\linux\sambaroot
    > I am prompted for a Linux username. I use root
    > I am prompted for a password. I use the root password
    > I get "System error 1326 Logon failure: unknown user name or bad password"
    > On the Linux machine, the .log file contains the following:
    > smbd/password.c:domain_client_validate(1556) domain_client_validate: could
    > not fetch trust account password for domain W2K3DOM
    > immediately followed by:
    > passdb/pdb_smbpasswd.c: pdb_getsampwnam(1369) unable to open passdb

    database
    >
    > My smb.conf is as follows:
    > [global]
    > workgroup = W2K3DOM
    > server string = Samba server
    > security = DOMAIN
    > encrypt passwords = yes
    > smb passwd file = /etc/samba/smbpasswd


    The smbpasswd file is not needed if you are using security = DOMAIN.
    Authentication is done on the DC's.

    > pam password change = yes
    > obey pam restrictions = yes
    > socket options = TTCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    > wins server = 10.20.1.100
    > password server = dc1site1.w2k3dom.internal


    You can use "password server = *" Samba looks for a password server using
    the same methods as a Windows system would. This is a better way to do it if
    you have more than one DC as it will find the first available, especially if
    the one you specify is not available for some reason.

    > dns proxy = no
    > [sambaroot]
    > path = /shares/sambaroot
    > writeable = yes
    > guestok = yes
    >

    guest ok = yes, but that is not part of the problem.

    > Any assistance appreciated.
    >

    I guess the other thing I should ask, have you joined the Samba system to
    the domain ? from the docs:

    In order to join the domain, first stop all Samba daemons and run the
    command:
    root# smbpasswd -j DOM -r DOMPDC -UAdministrator%password

    as we are joining the domain DOM and the PDC for that domain (the only
    machine that has write access to the domain SAM database) is DOMPDC. The
    Administrator%password is the login name and password for an account which
    has the necessary privilege to add machines to the domain. If this is
    successful you will see the message:

    smbpasswd: Joined domain DOM.

    Even though you are using domain authentication, the domain user accounts
    need a matching linux user account or a smbusers file to map domain accounts
    to linux accounts.




+ Reply to Thread