[kwhelan]

My suspect SMB.conf if anyone can spot any obvious errors please
Last login: Thu Oct 13 09:41:45 on ttyp1
Welcome to Darwin!
Art-EMac09:~ admin$ sudo -s
Password:
Art-EMac09:~ root# cd /etc
Art-EMac09:/etc root# pico smb.conf

GNU nano 1.2.4 File: smb.conf

; Template configuration file for smbd.
; ============================================================================
; For the format of this file and comprehensive descriptions of all the
; configuration option, please refer to the man page for smb.conf(5).
;
; The following configuration should suit most systems for basic usage and
; initial testing. It gives all clients access to their home directories and
; allows access to all printers specified in /etc/printcap. It also provides
; a public share point for generally exporting stuff.
;
; Some things to check out:
;
; 1: Make sure that the user specified in “guest account” exists. Typically
; this will be a user that cannot log in and has minimal privileges.
; Often the “nobody” account doesn’t work (very system dependant).
;
; 2: You should consider the “security =” option. See a full description
; in the main documentation and the smb.conf(5) manual page
;

[global]
guest account = unknown
encrypt passwords = yes
auth methods = guest opendirectory
passdb backend = opendirectorysam guest
printer admin = @admin, @staff
server string = Art-EMac09
unix charset = UTF-8-MAC
display charset = UTF-8-MAC
dos charset = 437
client ntlmv2 auth = no

realm = LINDISFARNE.HB.SCHOOL.NZ
security = ADS

workgroup = LINDISFARNE
defer sharing violations = no
use spnego = yes
os level = 8
vfs objects = darwin_acls
brlm = yes
; Using the Computer Name to compute the NetBIOS name. Remove this comment to $
netbios name = Art-EMac09
[homes]
comment = User Home Directories
browseable = no
read only = no

;[public]
; path = /tmp
; public = yes
; only guest = yes
; writable = yes
; printable = no

[printers]
path = /tmp
printable = yes

[kwhelan]

curiously wondering if the other security settings in AD are consistent as some people seem to be able to get this to work and others like myself not,
People have tried clean installs of OSX etc so logically the problem must be either smb.conf settings or AD issues.
Can we perhaps see some working smb.conf files to compare
My AD seems to work perfectly but maybe some policy is overiding another, and logic would suggest that if smb shares works once client has signed on then its not a AD security problem but something not working at the login prompt of OSX specifically or in sequence to allow home folder authentication
For AD I have smb signing off as recommended( how do we test this)but what about the network security lanmanger authentication setting ntlmv2?
there has to be a logical reason to why some people get setups to work and others don’t and its dam frustrating for those of us that havn’t.I n fact its pretty much job critical.No Apple techs in this country have been any help whatsoever except suggest I buy Admitmac

[Author]

Posts