SuSE 9.3 (all patches) Samba 3.0.13-1.1 After following the SAMBA HOWTO for using ADS authentication I have come accross a problem. In Chapter 6 Section II of the Samba 3 HOWTO I performed the following commands: %> kinit user@REALM.COM %> net ads join -U user@REALM.COM %> net ads join -U user@REALM.COM "new_OU_container" The joined worked, I am able to view users, authentication any users from the "new_OU_container" without problem. However because I needed to authenticate users from other containers as well I connected to the Domain and removed the computer from the OU=computers container and rejoined the domain NOT mapping a specific container. The problem is that I am still only able to view/authenticate users in the "OU=new_OU_container" vs. the "CN=Users" default container. I have tested this by setting up a new windows 2000 domain which mimicked the live environment, created a new samba server with the following smb.conf and I was able to view/authenticate users in any container because I did not initially specify the container in which to add the compuer account to. I am hoping I could perhaps get an updated RPM for SuSE with the latest Winbind, SMBD, NMBD which Mr. Testra has informed me is available but not released as an installable RPM for the SuSE OS. [smb.conf] [global] workgroup = DOMAIN realm = DOMAIN.COM server string = samba_server.domain.com security = ADS update encrypted = Yes encrypt passwords = yes password server = * preferred master = No domain master = No idmap uid = 500-500000 idmap gid = 500-500000 winbind separator = / winbind cache time = 5 winbind use default domain = Yes winbind nested groups = Yes log level = 2 interfaces = eth* bind interfaces only = yes [share] path = /share read only = No inherit acls = Yes
we don't restruct users to a given OU. Please retest against a current release and reopen if the issue still exists.