[Samba] Windows AD w/ Windows Services for Unix?
Jason Gerfen
jason.gerfen at scl.utah.edu
Mon Nov 21 20:14:29 GMT 2005
Doug VanLeuven wrote:
> Jason Gerfen wrote:
>
>> I can authenticate users on a default setup of Windows 2000 using
>> 'Security = ADS'. However if I install Windows Services for Unix
>> (http://www.microsoft.com/windowsserversystem/sfu/productinfo/features/default.mspx)
>> I am not able to authenticate or view users from different
>> Organizational Units in the default domain. ???
>>
>
> With a 2000 or 2003 Windows AD controller, I've run SFU 3.0 & 3.5 on both
> client and server without side effects.
> I use:
> winbind nss info = template sfu
> security = ADS
> winbind trusted domains only = yes
> idmap backend = ad
>
> on the samba member servers.
>
> Perhaps you mean you're running samba PDC and using SFU on a client
> workstation? In that case, I would assume, for it to work, you
> would need to run an ldap backend and extend the schema for SFU.
> Then fill out the unix values.
>
> Anyone ever done that?
>
> Regards, Doug
Odd, I attempted your suggestions:
%> testparm
Load smb config files from /etc/samba/smb.conf
Unknown parameter encountered: "winbind nss info"
Ignoring unknown parameter "winbind nss info"
The first scenario is correct, a ROLE_DOMAIN_MEMBER that authenticates
file shares using nsswitch and winbind against the Windows 2000 domain.
--
Jason Gerfen
"My girlfriend threated to
leave me if I went boarding...
I will miss her."
~ DIATRIBE aka FBITKK
More information about the samba-technical
mailing list