Guido Lorenzutti wrote: > > I have a smb.conf and a winbind.conf, and the winbindd uses the > winbind.conf. > Yes, you have to joing the winbind to the domain, with: > net rpc join -s /etc/samba/winbind.conf -U username > Same configuration on samba 3.5.6 (debian squeeze, testing). Using two server it work fine, I can join to domain, authenticate user, ecc. Using a single server (server name is V-SQUEEZE, domain name is PROXY) with two working configuration file winbind.conf and smb.conf I can join to domain and list user root@V-Squeeze:~# net rpc join -U root Enter root's password: Joined domain PROXY. root@V-Squeeze:~# net rpc testjoin Join to 'PROXY' is OK root@V-Squeeze:~# net rpc user Enter root's password: nobody root test vv But wbinfo can't see domain PROXY and fail authentication root@V-Squeeze:~# wbinfo -m BUILTIN V-SQUEEZE root@V-Squeeze:~# wbinfo -u V-SQUEEZE@nobody V-SQUEEZE@root V-SQUEEZE@test V-SQUEEZE@vv root@V-Squeeze:/var/log/samba# wbinfo -t checking the trust secret for domain PROXY via RPC calls failed Could not check secret In log I can see: [2010/12/03 21:07:54.221467, 1] winbindd/idmap.c:438(idmap_init_passdb_domain) Could not init passdb idmap domain [2010/12/03 21:07:54.223344, 0] rpc_server/srv_netlog_nt.c:692(_netr_ServerAuthenticate3) _netr_ServerAuthenticate2: failed to get machine password for account V-SQUEEZE$: NT_STATUS_NO_TRUST_SAM_ACCOUNT Any idea? My winbind.conf (working on other machines): [global] workgroup = PROXY security = domain password server = * encrypt passwords = yes winbind separator = @ idmap uid = 30000-40000 idmap gid = 30000-40000 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes template shell = /bin/false template homedir = /home/winnt/%U -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-and-ntlm-without-winbind-tp3028692p3071687.html Sent from the Squid - Users mailing list archive at Nabble.com.
