[Samba] Confused about Active Directory, Winbind, and Kerberos
Rashid N. Achilov
achilov-rn at askd.ru
Thu Nov 23 03:40:23 GMT 2006
On Thursday 23 November 2006 01:05, Michael Schurter wrote:
> Any suggestions would be appreciated. I just want the tightest
> integration between Linux & Active Directory that extends to Linux
> services like ssh, apache, postfix/sasl, etc.
You need a krb5.conf. At least, it should be:
--- from here ---
[libdefaults]
default_realm = YOUR.REALM
[realms]
YOUR.REALM = {
kdc = your_windows_dc
kpasswd_server = your_windows_dc
admin_server = your_windows_dc
}
[logging]
default = SYSLOG:INFO:LOCAL1
[domain_realm]
.yourdomain.ru = YOUR.REALM
yourdomain.ru = YOUR.REALM
--- krb5.conf ---
Next, you should init Kerberos:
kinit administrator at YOUR.REALM
Next. you can join a domain (supposed, security=ads in smb.conf,
workgroup=<your_pre_Windows_2000_realm_name>
realm = your.realm)
net ads join -U administrator -w your.realm
After that, you can add winbind into a nsswitch.conf (supposed, pam_winbind.so
lies at LDCONFIG_PATH)
--
With Best Regards.
Rashid N. Achilov (RNA1-RIPE), Web: http://www.askd.ru/~shelton
OOO "ACK" telecommunications administrator, e-mail: achilov-rn [at] askd.ru
PGP: 83 CD E2 A7 37 4A D5 81 D6 D6 52 BF C9 2F 85 AF 97 BE CB 0A
More information about the samba
mailing list