sandman65
09-24-2002, 10:21 AM
Hi everybody,
I'm having a problem logging in to swat since I set up samba to use winbind as per article at: http://asia.cnet.com/itmanager/netadmin/printfriendly.htm?AT=39050042-39006400t-39000223c
All works fine now exept that I can no longer login to swat I get the following error:
401 Bad Authorization
username or password incorrect
If anybody could tell me what I have done wrong it would be of great help
Thanks in advance
Sandman65
I'm running RedHat 7.3
With Samba 2.2.5
the contents of my smb.conf are:
# Samba config file created using SWAT
# from UNKNOWN (127.0.0.1)
# Date: 2002/09/23 16:29:14
# Global parameters
[global]
workgroup = (My domain)
netbios name = LINUX01
server string = Samba Server
security = DOMAIN
encrypt passwords = Yes
admin users = Root
password server = *
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*success fully*
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = False
local master = No
dns proxy = No
printing = lprng
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
directory mask = 0775
browseable = No
[NETLOGON]
path = /shares/netlogon
read only = yes
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[winshare]
path = /shares
valid users = @(my domain)+domain admins
read only = No
create mask = 0777
max connections = 10
the contents of xinetd.conf are:
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/
defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}
service swat
{
port = 901
socket_type = stream
wait = no
only_from = 127.0.0.1
user = root
server = /usr/sbin/swat
log_on_failure += USEID
disable = no
}
includedir /etc/xinetd.d
I have the line swat 901/tcp # admin de samba in /etc/services
The /etc/nsswitch.conf file contents are:
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files winbind nisplus
shadow: files winbind nisplus
group: files winbind nisplus
#hosts: db files nisplus nis dns
hosts: files nisplus dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files nisplus
rpc: files
services: files nisplus
netgroup: files nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
My /etc/pam.d/samba file contains the following
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
auth required /lib/security/pam_winbind.so
account required pam_stack.so service=system-auth
account required /lib/security/pam_winbind.so
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
I'm having a problem logging in to swat since I set up samba to use winbind as per article at: http://asia.cnet.com/itmanager/netadmin/printfriendly.htm?AT=39050042-39006400t-39000223c
All works fine now exept that I can no longer login to swat I get the following error:
401 Bad Authorization
username or password incorrect
If anybody could tell me what I have done wrong it would be of great help
Thanks in advance
Sandman65
I'm running RedHat 7.3
With Samba 2.2.5
the contents of my smb.conf are:
# Samba config file created using SWAT
# from UNKNOWN (127.0.0.1)
# Date: 2002/09/23 16:29:14
# Global parameters
[global]
workgroup = (My domain)
netbios name = LINUX01
server string = Samba Server
security = DOMAIN
encrypt passwords = Yes
admin users = Root
password server = *
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*success fully*
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = False
local master = No
dns proxy = No
printing = lprng
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0664
directory mask = 0775
browseable = No
[NETLOGON]
path = /shares/netlogon
read only = yes
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[winshare]
path = /shares
valid users = @(my domain)+domain admins
read only = No
create mask = 0777
max connections = 10
the contents of xinetd.conf are:
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/
defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}
service swat
{
port = 901
socket_type = stream
wait = no
only_from = 127.0.0.1
user = root
server = /usr/sbin/swat
log_on_failure += USEID
disable = no
}
includedir /etc/xinetd.d
I have the line swat 901/tcp # admin de samba in /etc/services
The /etc/nsswitch.conf file contents are:
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files winbind nisplus
shadow: files winbind nisplus
group: files winbind nisplus
#hosts: db files nisplus nis dns
hosts: files nisplus dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files nisplus
rpc: files
services: files nisplus
netgroup: files nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
My /etc/pam.d/samba file contains the following
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
auth required /lib/security/pam_winbind.so
account required pam_stack.so service=system-auth
account required /lib/security/pam_winbind.so
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth