superbike
24.03.05, 13:57
Hallo Leute,
Suse 9.2 steht auf dem Anmeldebildschirm bereit, die Symbole aller w2kuser stehen zum Anklicken bereit, aber keiner kann sich mit korrektem Passwort anmelden. :mad:
net ads testjoin meldet: Join is OK; getent passwd bringt alle w2k user (ARATHUNERSEE+username) und die lokalen dazu. Test mit chown funktioniert.
Meine Konfigs:
/etc/samba/smb.conf
[global]
# general options
workgroup = ARATHUNERSEE
netbios name = Lexus
# winbindd configuration
# default winbind separator is \, which is good if you
# use mod_ntlm since that is the character it uses.
# users only need to know the one syntax
winbind separator = +
# idmap uid and idmap gid are aliases for
# winbind uid and winbid gid, respectively
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
# Active directory joining
# "ads server" is only necessary if your kdc
# can't be located using /etc/krb5.conf -- JamesSpooner
# ads server = platinum.arathunersee.ch
security = ads
# encrypt passwords = yes is now default in Samba3 -- Enigma
encrypt passwords = yes
realm = ARATHUNERSEE.CH
# this handles the "ads server = " directive as well -- Enigma
password server = platinum.arathunersee.ch
/etc/pam.d/samba
#%PAM-1.0
auth sufficient pam_winbind.so
auth required pam_unix.so nullok
account sufficient pam_winbind.so
account required pam_unix.so
session required pam_unix.so
password required pam_unix.so
/etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_winbind.so
auth sufficient pam_unix.so use_first_pass
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so Habe nach Anleitung (http://www.wlug.org.nz/ActiveDirectorySamba) gearbeitet.
Was stimmt nicht, dass sich die w2k user nicht einloggen können (lokale Linuxuser funktionieren)? Danke für Eure Hilfe.
Suse 9.2 steht auf dem Anmeldebildschirm bereit, die Symbole aller w2kuser stehen zum Anklicken bereit, aber keiner kann sich mit korrektem Passwort anmelden. :mad:
net ads testjoin meldet: Join is OK; getent passwd bringt alle w2k user (ARATHUNERSEE+username) und die lokalen dazu. Test mit chown funktioniert.
Meine Konfigs:
/etc/samba/smb.conf
[global]
# general options
workgroup = ARATHUNERSEE
netbios name = Lexus
# winbindd configuration
# default winbind separator is \, which is good if you
# use mod_ntlm since that is the character it uses.
# users only need to know the one syntax
winbind separator = +
# idmap uid and idmap gid are aliases for
# winbind uid and winbid gid, respectively
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
# Active directory joining
# "ads server" is only necessary if your kdc
# can't be located using /etc/krb5.conf -- JamesSpooner
# ads server = platinum.arathunersee.ch
security = ads
# encrypt passwords = yes is now default in Samba3 -- Enigma
encrypt passwords = yes
realm = ARATHUNERSEE.CH
# this handles the "ads server = " directive as well -- Enigma
password server = platinum.arathunersee.ch
/etc/pam.d/samba
#%PAM-1.0
auth sufficient pam_winbind.so
auth required pam_unix.so nullok
account sufficient pam_winbind.so
account required pam_unix.so
session required pam_unix.so
password required pam_unix.so
/etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_winbind.so
auth sufficient pam_unix.so use_first_pass
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so Habe nach Anleitung (http://www.wlug.org.nz/ActiveDirectorySamba) gearbeitet.
Was stimmt nicht, dass sich die w2k user nicht einloggen können (lokale Linuxuser funktionieren)? Danke für Eure Hilfe.