From: Mike Leone on
I've been at this for days, and making no headway. It's very
discouraging. I have a Win2003 domain, that has the Services for Unix
extensions installed. I am trying to have multiple Samba servers as
domain members. (in my case, one desktop sharing files, and one laptop,
accessing the shares). And at the moment, it doesn't (fully) work.

Each Samba server can see shares from the other. Windows clients can see
and mount shares from each Samba server. Each Samba server can mount
shares from Windows clients on the domain. What they can't do ... is
mount shares from each other. I get

mount error(13): Permission denied

no matter what I try, I find various pages on how to do this, half of
which conflict with each other, or are outdated, none of which work.

I am using virtually the same smb.conf on both machines.

Domain name = DCRIB.LOCAL (short name DACRIB)
Win2003 DC = dim-win2300.dacrib.local
2 Ubuntu 9.10 members (Samba 3.4.0)
Desktop = workhorse (with various shares)
Laptop = Dual-Booter (which will access the shares on workhorse and
elsewhere)

So, can anyone point out what's wrong with these configs? Dual-Booter
can see the shares on workhorse, and workhorse can see the share on
Dual-Booter. Each can (and is) mounting shares from a WinXP machine. I
can get Kerberos tickets on each Samba server. Each Samba server can
mount a share from a WinXP desktop called "p4-desktop", altho I seem to
have to specify the username as "turgon(a)DACRIB" in the credentials; it
doesn't work any other way. I can't mount shares from the other Samba
regardless of how I specify the user, however.

testparm output - Dual-Booter:


[global]
workgroup = DACRIB
realm = DACRIB.LOCAL
server string = %h server (Samba %v, Domain: %D, Server: %L - %R)
security = ADS
auth methods = winbind
map to guest = Bad User
obey pam restrictions = Yes
password server = dim-win2300.DaCrib.local
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
client NTLMv2 auth = Yes
log level = 3
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
server signing = auto
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 2
local master = No
domain master = No
dns proxy = No
eventlog list = Application, System, Security, SyslogLinux
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind nss info = rfc2307
winbind refresh tickets = Yes
idmap config DACRIB:range = 10000 - 20000
idmap config DACRIB:backend = rid
idmap config DACRIB:schema_mode = rfc2307
hide dot files = No

[TestShare]
path = /TestShare

testparm output - Dual-Booter:

[global]
workgroup = DACRIB
realm = DACRIB.LOCAL
server string = %h server (Samba %v, Domain: %D, Server: %L - %R)
security = ADS
auth methods = winbind
map to guest = Bad User
obey pam restrictions = Yes
password server = dim-win2300.DaCrib.local
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
client NTLMv2 auth = Yes
log level = 2
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
server signing = auto
os level = 2
local master = No
domain master = No
dns proxy = No
eventlog list = Application, System, Security, SyslogLinux
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind nss info = rfc2307
winbind refresh tickets = Yes
idmap config DACRIB:schema_mode = rfc2307
idmap config DACRIB:range = 10000-20000
idmap config DACRIB:backend = rid
invalid users = root
read only = No
create mask = 0700
directory mask = 0775
hide dot files = No
wide links = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
browsable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers


[OldHome]
comment = The Old Home Folder
path = /OldHome

Thanks for any help.


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba