Rev | Author | # | Line |
---|---|---|---|
7 | DanielLawson | 1 | I had a bit of trouble getting my Samba server to authenticate to an NT PDC, so here is how I did it[1]. |
6 | MichaelBordignon | 2 | |
3 | * join the samba server to the domain | ||
4 | root# /usr/local/samba/bin/smbpasswd -j DOMAIN -r PDC -U Administrator | ||
5 | * edit /etc/samba/smb.conf to include at least the following directives: | ||
6 | [[global] | ||
7 | <...> | ||
8 | # separate domain and username with '+', like DOMAIN+username | ||
9 | winbind separator = + | ||
10 | # use uids from 10000 to 20000 for domain users | ||
11 | winbind uid = 10000-20000 | ||
12 | # use gids from 10000 to 20000 for domain groups | ||
13 | winbind gid = 10000-20000 | ||
14 | # allow enumeration of winbind users and groups | ||
15 | # might need to disable these next two for performance | ||
16 | # reasons on the winbindd host | ||
17 | winbind enum users = yes | ||
18 | winbind enum groups = yes | ||
19 | # give winbind users a real shell (only needed if they have telnet/sshd/etc... access) | ||
20 | template homedir = /home/winnt/%D/%U | ||
21 | template shell = /bin/bash | ||
22 | |||
23 | * apt-get install winbind | ||
24 | |||
25 | * Now, as root edit /etc/nsswitch.conf to allow user and group entries to be visible from the winbindd daemon. After editing, the file look appear: | ||
26 | |||
27 | passwd: files winbind | ||
28 | shadow: files | ||
29 | group: files winbind | ||
30 | |||
31 | * see if winbind is working by typing wbinfo -u. This should echo back a list of users on your Windows users on your PDC. For example, I get the following response: | ||
32 | CEO+Administrator | ||
33 | CEO+burdell | ||
34 | CEO+Guest | ||
35 | CEO+jt-ad | ||
36 | CEO+krbtgt | ||
37 | |||
38 | [1] With help from http://docs.biostat.wustl.edu/samba-2.2.8a/htmldocs/winbind.html. | ||
39 | |||
40 | * ActiveDirectorySamba may also be of some help to you. |
lib/blame.php:177: Warning: Invalid argument supplied for foreach()