Собрал самбу с поддержкой winbind'a.
/usr/local/samba/lib/smb.conf:
[global]
null passwords = false
workgroup=SAMBA
netbios name=Server
server string=File Server
dos char set = 866
unix char set = koi8-r
;unix password sync = yes
passwd chat = *new*password* %n\n *new*password* %n\n *success*
passwd program = /usr/bin/passwd %u
password server=Server
interfaces=eth0
bind interfaces only=True
hosts deny=ALL
hosts allow=192.168.0.0/255.255.255.0 127.0.0.1
;protocol=NT1
security=domain
encrypt passwords=yes
lm interval=0
oplocks=False
level2 oplocks=No
syslog=1
wins support=Yes
domain master=Yes
local master=Yes
preferred master=Yes
os level=255
log level=0
log file=/var/log/samba/login.log
domain logons=yes
username map = /usr/local/samba/lib/user.map
;logon script=%U.bat
create mask=0666
directory mask=0777
security mask=0777
force create mode=0777
nt acl support =yes
socket options = TCP_NODELAY
add user script = /usr/sbin/useradd -d /dev/null -g
logon path = \%L\profiles\%U
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
[profiles]
path = /var/lib/samba/profiles
browseable = no
writeable=yes
read only = no
create mask = 0600
directory mask = 0700
[netlogon]
path=/var/lib/samba/netlogon
writeable=yes
guest ok=no
browsable=no
available=yes
[homes]
writable=yes
browseable=no
read only=no
/usr/local/samba/lib/lmhosts:
192.168.0.3 Server
Проверяем winbindd:
#wbinfo -p
Ping to winbindd succeeded on fd 3
#wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_INTERNAL_ERROR (0xc00000e5)
Could not check secret
#wbinfo -a test%pass
plaintext password authentication failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Could not authenticate user test%pass with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da)
error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Could not authenticate user test with challenge/response
#net join
[2004/06/26 13:40:47, 0] lib/util_sock.c:read_socket_with_timeout(304)
read_socket_with_timeout: timeout read. read error = Connection reset by peer.
Password:
[2004/06/26 13:40:53, 0] lib/util_sock.c:read_socket_with_timeout(304)
read_socket_with_timeout: timeout read. read error = Connection reset by peer.
Could not connect to server SERVER
#wbinfo --get-auth-user
No authorised user configured
#wbinfo -u
Error looking up domain users
#wbinfo -m
BUILTIN
#/winbindd -i -d3
winbindd version 3.0.4 started.
Copyright The Samba Team 2000-2004
lp_load: refreshing parameters
Initialising global parameters
params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/smb.conf"
Processing section "[global]"
Processing section "[profiles]"
Processing section "[netlogon]"
Processing section "[homes]"
adding IPC service
adding IPC service
Server's Role (logon server) NOT ADVISED with domain-level security
added interface ip=192.168.0.3 bcast=192.168.0.255 nmask=255.255.255.0
added interface ip=192.168.0.3 bcast=192.168.0.255 nmask=255.255.255.0
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
add_trusted_domain: SAMBA is an NT4 domain
Added domain SAMBA S-1-5-21-756135516-1301257183-2777931687
add_trusted_domain: BUILTIN is an NT4 domain
Added domain BUILTIN S-1-5-32
--------------------
При этом юзера и машины, добавленные с помощью smbpasswd доблестно логинятся на самбу, отображаются через smbstatus, etc....
Как же winbindd-то настроить нормально?
Заранее спасибо.