[Samba] Question

Buchan Milne bgmilne at cae.co.za
Wed Jan 29 09:27:13 GMT 2003 

> Date: Tue, 28 Jan 2003 13:53:20 -0500
> From: "Esler, Joel" <EslerJ at RCERT-S.ARMY.MIL>
> To: "Samba-L (E-mail) (E-mail)" <samba at lists.samba.org>
> Subject: [Samba] Question
> Message-ID: <EA8EFECF3B31D611BC2800065B387434245D4A at mail.s-tnosc.army.mil>
> Content-Type: text/plain;
> 	charset="iso-8859-1"
> MIME-Version: 1.0
> Precedence: list
> Message: 22
> 
> Since I put alot of reliability in listservs....  
>  
> I want to do the following things.  I run a Linux server on a completely
> Win2K network.  I want the Linux server, when someone's password is updated
> through the domain controller, to automatically update the Linux server, so
> when we update someone's password, or disable someones account in Win2k
> domain, it also disables it on the Linux server.  

Well, the way this is done is actually to authenticate directly against
the domain, rather than keeping passwords in sync.

>  
> Also,
>  
> I want to be able to set up a partition (say "/home") on my linux server,
> where people can just go into Network Neighborhood and go into their share
> folder in the Linux server as if it were just a F/P server in a win domain.
> I am assuming Samba does both of these.  However, I dont' know how...  can
> someone point me in the right direction.
>  

You can do this with winbind. Take a look at this:

http://ranger.dnsalias.com/mandrake/samba/Integrating%20Linux%20into%20Windows%20Networks.tar.gz

IMHO, Mandrake 9.0 is the quickest way to get this, plus you can use
ACLs out-the-box.

Reccomended procedure:
1)Install Mandrake 9.0 in expert mode
2)Where you enter the root password, choose "Windows Domain" as
authentication type.
3)Enter the domain name in CAPS

If your domain allows anonymous access, you should be able to log into
the machine with a domain account on first boot. But the default config
doesn't have any shares enabled, so:

# cp /etc/samba/smb-winbind.conf /etc/samba/smb.conf

Replace the 'workgroup = ' line in your new /etc/samba/smb.conf with the
domain name, install samba-server (urpmi samba-server), start samba
(service smb start) and it should make a home directory for any user who
authenticates, even via samba. So, connecting to \\server\username\
should work out-the-box.

To get ACLs working, you should either use XFS as the filesystem that
your shares will be on, or add the 'acl' mount option to ext2/ext3
filesytems in your /etc/fstab.

Note the tarball above has configs that should accomplish the same on
Redhat 8.0 (except possibly for the winbind groups problem people are
talking about).

Buchan

-- 
|--------------Another happy Mandrake Club member--------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7

More information about the samba mailing list