From: Volker Lendecke on
On Wed, Mar 10, 2010 at 02:10:14PM -0800, Purnell, Alton J wrote:
> I'm not sure if anyone will get this note.
> If you are willing to help me, page me @ 800.247.0493 .
> I have Samba 2.28 installed and working on 2 Windows Server 2003.
> I am having trouble getting users authenticated on Samba via the windows server.
> I have solaris8 on the unix server. I have tried many, many methods.
> Currently, I trying to configure Samba with a domain setup... still no success

Samba 2.2.8 is ancient. Isn't there a way to get something
newer?

Volker
From: Gaiseric Vandal on
On 03/11/2010 10:38 AM, Volker Lendecke wrote:
> On Wed, Mar 10, 2010 at 02:10:14PM -0800, Purnell, Alton J wrote:
>
>> I'm not sure if anyone will get this note.
>> If you are willing to help me, page me @ 800.247.0493 .
>> I have Samba 2.28 installed and working on 2 Windows Server 2003.
>> I am having trouble getting users authenticated on Samba via the windows server.
>> I have solaris8 on the unix server. I have tried many, many methods.
>> Currently, I trying to configure Samba with a domain setup... still no success
>>
> Samba 2.2.8 is ancient. Isn't there a way to get something
> newer?
>
> Volker
>
Is one of the Windows servers the PDC? Is it in "mixed mode" (i.e. will
support NT4 servers.) If the domain mode is native 2000/2003 it
probably is not going to work.

Or are you trying to configure Samba as the PDC?


On the samba server, do you see the users with "wbinfo -u" command?
Do you see the users with the "getent passwd" command?

If you see the users with "wbinfo -u" but not "getent passwd" verify
that /etc/nsswitch.conf has entries for
passwd: winbind ....
group: winbind ....




Can you update your machine to Solaris 10? That has a bundled Samba
3.0.x. (But Solaris 10 has some pretty big changes as well that you
may want to avoid for now.) Solaris 8 is no longer a supported
platform by Sun.

You can also download precompiled samba packages from
www.sunfreeware.com BUT I don't think it includes the necessary nss
winbind files so you may want to recompile anyway. (I would still use
GCC from sunfreeware for this.) If samba is the PDC and the only samba
server and you aren't setting up domain trusts then you don't need the
winbind stuff working anyway.

Solaris 10 is available for both sparc and x86- you can use a spare PC
as a test machine even if your final platform will be on sparc.
Solaris 9 should also be available for download for both platforms-
Solaris 9 is pretty similar from the command line to Solaris 8.

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Volker Lendecke on
On Thu, Mar 11, 2010 at 11:05:15AM -0500, Gaiseric Vandal wrote:
> On 03/11/2010 10:38 AM, Volker Lendecke wrote:
>> On Wed, Mar 10, 2010 at 02:10:14PM -0800, Purnell, Alton J wrote:
>>
>>> I'm not sure if anyone will get this note.
>>> If you are willing to help me, page me @ 800.247.0493 .
>>> I have Samba 2.28 installed and working on 2 Windows Server 2003.
>>> I am having trouble getting users authenticated on Samba via the windows server.
>>> I have solaris8 on the unix server. I have tried many, many methods.
>>> Currently, I trying to configure Samba with a domain setup... still no success
>>>
>> Samba 2.2.8 is ancient. Isn't there a way to get something
>> newer?
>>
>> Volker
>>
> Is one of the Windows servers the PDC? Is it in "mixed mode" (i.e. will
> support NT4 servers.) If the domain mode is native 2000/2003 it
> probably is not going to work.

That's a myth. The only thing native mode prohibits is a NT4
Backup Domain Controller. Samba members work in all Windows
domain modes, although for example 2.2 won't talk to a
default w2k3 dc due to missing SMB signing in 2.2.

Volker
From: Gaiseric Vandal on
On 03/11/2010 11:31 AM, Volker Lendecke wrote:
> On Thu, Mar 11, 2010 at 11:05:15AM -0500, Gaiseric Vandal wrote:
>
>> On 03/11/2010 10:38 AM, Volker Lendecke wrote:
>>
>>> On Wed, Mar 10, 2010 at 02:10:14PM -0800, Purnell, Alton J wrote:
>>>
>>>
>>>> I'm not sure if anyone will get this note.
>>>> If you are willing to help me, page me @ 800.247.0493 .
>>>> I have Samba 2.28 installed and working on 2 Windows Server 2003.
>>>> I am having trouble getting users authenticated on Samba via the windows server.
>>>> I have solaris8 on the unix server. I have tried many, many methods.
>>>> Currently, I trying to configure Samba with a domain setup... still no success
>>>>
>>>>
>>> Samba 2.2.8 is ancient. Isn't there a way to get something
>>> newer?
>>>
>>> Volker
>>>
>>>
>> Is one of the Windows servers the PDC? Is it in "mixed mode" (i.e. will
>> support NT4 servers.) If the domain mode is native 2000/2003 it
>> probably is not going to work.
>>
> That's a myth. The only thing native mode prohibits is a NT4
> Backup Domain Controller. Samba members work in all Windows
> domain modes, although for example 2.2 won't talk to a
> default w2k3 dc due to missing SMB signing in 2.2.
>
> Volker
>

I stand corrected- I have not tried setting up Samba as an Active
Directory client and had forgotten about this. However I think would
require kerberos configuration on the samba machine- which may open up a
whole new set of challenges. (I could never get kerberos to play nice
between Solaris and Linux machines, let alone trying to have Samba use it.)


Can you set up domain trusts between a Samba Domain (samba PDC) and a
Windows domain with a Win 2003 PDC in Native mode? My understanding
had been that this was an "NT4" domain trust mechanism.

I did try setting up a domain trust trust with a Windows 2008 PDC in
"native 2003" mode - which was did not work. (this may have just been
a discrepancy between NTLM versions or other security settings rather
than a fundamental incompatibility.) The domain trust between Samba
and a Win 2003 PDC in mixed mode did work.






--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba