[brlug-general] Samba in Active Directory
Tim Hallin
timhallin at gmail.com
Tue Mar 27 08:23:37 CST 2007
nsswitch.conf
shadow: files nis
passwd: compat
group: compat
hosts: files dns
networks: files dns
services: files ldap
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files ldap
publickey: files
bootparams: files
automount: files
aliases: files ldap
passwd_compat: ldap
group_compat: ldap
On 3/27/07, Andrew Baudouin <andrewmb at gmail.com> wrote:
>
> Also, how about "*getent passwd* "?
>
> On 3/27/07, Andrew Baudouin <andrewmb at gmail.com> wrote:
> >
> > What's /etc/nsswitch.conf say?
> >
> > On 3/27/07, Tim Hallin < timhallin at gmail.com> wrote:
> >
> > > I setup up a samba server using SLES 10. I have joined an AD domain.
> > > wbinfo -u - returns the AD user list, so I think winbind is working. In
> > > Linux I can give domain users ownership of files (chown). When I setup a
> > > share the Domain users can see the share but not login unless I remove Samba
> > > from the Domain and enter them locally (smbpasswd -a). It will not let
> > > domain users access samba shares. I think Kerberos is working. I have used
> > > Samba for years, this is my first attempt at using AD for authentication.
> > >
> > > Can a Samba member server directory join an Active Directory Domain or
> > > does it need to connect through a Samba Domain Controller? Or Does my first
> > > Samba box need to a Domain Controller ?
> > >
> > > Thanks,
> > >
> > > Tim Hallin
> > >
> > >
> > >
> > > [global]
> > > workgroup = FRANKLIN
> > > realm = FRANKLIN.INT
> > > server string = Windows Server 2003
> > > security = ADS
> > > map to guest = Bad User
> > > password server = DC1 DC2
> > > printcap name = cups
> > > logon path = \\%L\profiles\.msprofile
> > > logon drive = P:
> > > logon home = \\%L\%U\.9xprofile
> > > domain master = No
> > > ldap ssl = no
> > > idmap uid = 10000-20000
> > > idmap gid = 10000-20000
> > > winbind use default domain = Yes
> > > winbind refresh tickets = yes
> > > cups options = raw
> > > include = /etc/samba/dhcp.conf
> > > template homedir = /home/%D/%U
> > > template shell = /bin/bash
> > >
> > > [profiles]
> > > comment = Network Profiles Service
> > > path = %H
> > > read only = No
> > > create mask = 0600
> > > directory mask = 0700
> > > store dos attributes = Yes
> > >
> > > [users]
> > > comment = All users
> > > path = /data/profiles
> > > read only = No
> > > inherit acls = Yes
> > > veto files = /aquota.user/groups/shares/
> > >
> > > [groups]
> > > comment = All groups
> > > path = /data/groups
> > > read only = No
> > > inherit acls = Yes
> > >
> > > [printers]
> > > comment = All Printers
> > > path = /var/tmp
> > > create mask = 0600
> > > printable = Yes
> > > browseable = No
> > >
> > > [print$]
> > > comment = Printer Drivers
> > > path = /var/lib/samba/drivers
> > > write list = @ntadmin, root
> > > force group = ntadmin
> > > create mask = 0664
> > > directory mask = 0775
> > >
> > > [test]
> > > comment = test
> > > path = /test
> > > valid users = FRANKLIN\tth
> > > write list = FRANKLIN\tth
> > > read only = No
> > > inherit acls = Yes
> > >
> > > _______________________________________________
> > > General mailing list
> > > General at brlug.net
> > > http://mail.brlug.net/mailman/listinfo/general_brlug.net
> > >
> > >
> >
>
> _______________________________________________
> General mailing list
> General at brlug.net
> http://mail.brlug.net/mailman/listinfo/general_brlug.net
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/general_brlug.net/attachments/20070327/cae40da9/attachment.html
More information about the General
mailing list