у меня крик о помощи. Я перевернул уже кучу доков и похоже в конец запутолся. Помогите прикрутить Linux Mandriva к домену Windows 2000.







workgroup = SVK


netbios name = dima-smb

server string = Samba Server %v

printcap name = cups

load printers = yes

printcap cache time = 60

printing = cups

log file = /var/log/samba/%m.log

max log size = 50

map to guest = bad user

security = domain

password server = *

winbind use default domain=yes

encrypt passwords = yes

smb passwd file = /etc/samba/smbpasswd

idmap uid = 10000-20000

idmap gid = 10000-20000

winbind use default domain = yes

winbind enum users=yes

winbind enum groups=yes

template shell = /bin/bash

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

wins server =

dns proxy = no

dos charset = cp866

unix charset = UTF8


comment = Home Directories

browseable = no

writable = yes


comment = All Printers

path = /var/spool/samba

browseable = no

guest ok = yes

writable = no

printable = yes

create mode = 0700

print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.

use client driver = yes


path = /var/lib/samba/printers

browseable = yes

write list = @adm root

guest ok = yes

inherit permissions = yes

# Settings suitable for Winbind:

# write list = @"Domain Admins" root

# force group = +@"Domain Admins"


path = /var/tmp

guest ok = No

printable = Yes

comment = PDF Generator (only valid users)

printing = bsd

#print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP &

print command = /usr/share/samba/scripts/print-pdf "%s" "%H" "//%L/%u" "%m" "%I" "%J" &

lpq command = /bin/true

есть еще файл /etc/samba/smb-winbind.conf настройки точно такие же сделал (ни чего умне придумать не мог)



default = FILE:/var/log/kerberos/krb5libs.log

kdc = FILE:/var/log/kerberos/krb5kdc.log

admin_server = FILE:/var/log/kerberos/kadmind.log


ticket_lifetime = 24000

default_realm = SVK.LOCAL

default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc

default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc

permitted_enctypes = des3-hmac-sha1 des-cbc-crc

dns_lookup_realm = false

dns_lookup_kdc = false

kdc_req_checksum_type = 2

checksum_type = 2

ccache_type = 1

forwardable = true

proxiable = true








kdc = kerberos.example.com:88

admin_server = kerberos.example.com:749

default_domain = example.com





.example.com = EXAMPLE.COM


profile = /etc/kerberos/krb5kdc/kdc.conf


debug = false

ticket_lifetime = 36000

renew_lifetime = 36000

forwardable = true

krb4_convert = false


krb4_convert = false

krb4_get_tickets = false

/etc/hosts sk.svk.local sk dima-smb.svk.local dima-smb

регистрация в домене проходит

#net rpc join -U имя_администратора_win_домена

Joined domain SVK

# wbinfo -p

Ping to winbindd succeeded on fd 4

# wbinfo -t

checking the trust secret via RPC calls succeeded

# wbinfo --set-auth-user=user%password (пользователь с правами админа в домене)

# wbinfo -a user%1234

plaintext password authentication succeeded

challenge/response password authentication succeeded

# wbinfo -g



(должно быть имя домена)

# wbinfo -u

Error looking up domain user

в логах:

[2007/10/03 12:59:53, 0] libads/kerberos.c:ads_kinit_password(208)

kerberos_kinit_password DIMA-SMB$@SVK.LOCAL failed: Cannot find KDC for reques

ted realm

[2007/10/03 12:59:53, 1] nsswitch/winbindd_ads.c:ads_cached_connection(114)

ads_connect for domain SVK failed: Cannot find KDC for requested realm

