Differences between version 6 and previous revision of SambaAsFileServer.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
Newer page: | version 6 | Last edited on Monday, February 9, 2004 11:37:22 am | by MichaelBordignon | Revert |
Older page: | version 1 | Last edited on Monday, February 9, 2004 9:11:00 am | by MichaelBordignon | Revert |
@@ -1,35 +1,40 @@
I had a bit of trouble getting my Samba server to authenticate to an NT PDC, so here is how I did it[1].
-#
join the samba server to the domain
-root# /usr/local/samba/bin/smbpasswd -j DOMAIN -r PDC -U Administrator
+*
join the samba server to the domain
+ root# /usr/local/samba/bin/smbpasswd -j DOMAIN -r PDC -U Administrator
+* edit /etc/samba/smb.conf to include at least the following directives:
+ [[global]
+ <...>
+ # separate domain and username with '+', like DOMAIN+username
+ winbind separator = +
+ # use uids from 10000 to 20000 for domain users
+ winbind uid = 10000-20000
+ # use gids from 10000 to 20000 for domain groups
+ winbind gid = 10000-20000
+ # allow enumeration of winbind users and groups
+ # might need to disable these next two for performance
+ # reasons on the winbindd host
+ winbind enum users = yes
+ winbind enum groups = yes
+ # give winbind users a real shell (only needed if they have telnet/sshd/etc... access)
+ template homedir = /home/winnt/%D/%U
+ template shell = /bin/bash
-# edit /etc/samba/smb.conf to include at least the following directives:
+* apt-get install winbind
-[global]
- <...>
- # separate domain and username with '+', like DOMAIN+username
- winbind separator = +
- # use uids from 10000 to 20000 for domain users
- winbind uid = 10000-20000
- # use gids from 10000 to 20000 for domain groups
- winbind gid = 10000-20000
- # allow enumeration of winbind users and groups
- # might need to disable these next two for performance
- # reasons on the winbindd host
- winbind enum users = yes
- winbind enum groups = yes
- # give winbind users a real shell (only needed if they have telnet/sshd/etc... access)
- template homedir = /home/winnt/%D/%U
- template shell = /bin/bash
-
-# apt-get install winbind
-
-#
Now, as root edit /etc/nsswitch.conf to allow user and group entries to be visible from the winbindd daemon. After editing, the file look appear:
+*
Now, as root edit /etc/nsswitch.conf to allow user and group entries to be visible from the winbindd daemon. After editing, the file look appear:
passwd: files winbind
shadow: files
group: files winbind
-#
see if winbind is working by typing wbinfo -u
+*
see if winbind is working by typing wbinfo -u. This should echo back a list of users on your Windows users on your PDC. For example, I get the following response:
+ CEO+Administrator
+ CEO+burdell
+ CEO+Guest
+ CEO+jt-ad
+ CEO+krbtgt
[1] With help from http://docs.biostat.wustl.edu/samba-2.2.8a/htmldocs/winbind.html.
+
+* ActiveDirectorySamba may also be of some help to you.