Penguin
Recent Changes
Diff: SambaAsFileServer
EditPageHistoryDiffInfoLikePages

Differences between version 6 and previous revision of SambaAsFileServer.

Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History

Newer page: version 6 Last edited on Monday, February 9, 2004 11:37:22 am by MichaelBordignon Revert
Older page: version 1 Last edited on Monday, February 9, 2004 9:11:00 am by MichaelBordignon Revert
@@ -1,35 +1,40 @@
 I had a bit of trouble getting my Samba server to authenticate to an NT PDC, so here is how I did it[1]. 
  
-# join the samba server to the domain  
-root# /usr/local/samba/bin/smbpasswd -j DOMAIN -r PDC -U Administrator 
+* join the samba server to the domain  
+ root# /usr/local/samba/bin/smbpasswd -j DOMAIN -r PDC -U Administrator  
+* edit /etc/samba/smb.conf to include at least the following directives:  
+ [[global]  
+ <...>  
+ # separate domain and username with '+', like DOMAIN+username  
+ winbind separator = +  
+ # use uids from 10000 to 20000 for domain users  
+ winbind uid = 10000-20000  
+ # use gids from 10000 to 20000 for domain groups  
+ winbind gid = 10000-20000  
+ # allow enumeration of winbind users and groups  
+ # might need to disable these next two for performance  
+ # reasons on the winbindd host  
+ winbind enum users = yes  
+ winbind enum groups = yes  
+ # give winbind users a real shell (only needed if they have telnet/sshd/etc... access)  
+ template homedir = /home/winnt/%D/%U  
+ template shell = /bin/bash  
  
-# edit /etc/samba/smb.conf to include at least the following directives:  
+* apt-get install winbind  
  
-[global]  
- <...>  
- # separate domain and username with '+', like DOMAIN+username  
- winbind separator = +  
- # use uids from 10000 to 20000 for domain users  
- winbind uid = 10000-20000  
- # use gids from 10000 to 20000 for domain groups  
- winbind gid = 10000-20000  
- # allow enumeration of winbind users and groups  
- # might need to disable these next two for performance  
- # reasons on the winbindd host  
- winbind enum users = yes  
- winbind enum groups = yes  
- # give winbind users a real shell (only needed if they have telnet/sshd/etc... access)  
- template homedir = /home/winnt/%D/%U  
- template shell = /bin/bash  
-  
-# apt-get install winbind  
-  
-# Now, as root edit /etc/nsswitch.conf to allow user and group entries to be visible from the winbindd daemon. After editing, the file look appear: 
+* Now, as root edit /etc/nsswitch.conf to allow user and group entries to be visible from the winbindd daemon. After editing, the file look appear: 
  
  passwd: files winbind 
  shadow: files 
  group: files winbind 
  
-# see if winbind is working by typing wbinfo -u 
+* see if winbind is working by typing wbinfo -u. This should echo back a list of users on your Windows users on your PDC. For example, I get the following response:  
+ CEO+Administrator  
+ CEO+burdell  
+ CEO+Guest  
+ CEO+jt-ad  
+ CEO+krbtgt  
  
 [1] With help from http://docs.biostat.wustl.edu/samba-2.2.8a/htmldocs/winbind.html. 
+  
+* ActiveDirectorySamba may also be of some help to you.