ldap and active directory configuration
Scott Grizzard
scott at scottgrizzard.com
Thu Jul 15 01:37:39 MDT 2010
On Jul 15, 2010 3:22 AM, "Malcolm Bodger" <M.Bodger at westminster.ac.uk>
wrote:
Hi Scott,
I'm hoping yourself, or someone on this list, might be able to help me with
this ongoing problem.
I've now moved on from ldap and have configured my server to authenticate to
active directory. I can ssh to the box and login using AD and local
accounts, but I get errors when trying to access my shared drive. On my PC
the error contains the message: 'No process is on the other end of the
pipe.' I'm not creating any samba users, but I've configured samba to create
local home areas, which it does for any new users.
My smb.conf, it's been a bit mangled in attempt to get it to work:
[global]
realm = INTRANET.WMIN.AC.UK
workgroup = INTRANET
netbios name = isls-fs1
netbios aliases = isls-fs1
server string = %h server (Samba, Ubuntu)
map to guest = Never
obey pam restrictions = no
password server = isls-int-dc-6
passdb backend = tdbsam
security = ADS
pam password change = no
passwd program =
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = no
log level = 3
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
local master = No
domain master = No
dns proxy = No
wins server = isls-int-dc-6
#ldap ssl = yes
ldap ssl = no
panic action = /usr/share/samba/panic-action %d
invalid users = root
idmap uid = 500-1000000
idmap gid = 500-1000000
#winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = yes
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
template homedir = /home/%D/%U
template shell = /bin/bash
#nt pipe support = no
#name resolve order = wins host bcast
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[PSI]
comment = psi shared area
path = /PSI
# public = No
# valid users = @"INTRANET+Domain Users"
#valid users = %S
read only = No
browseable = No
wide links = No
guest ok = yes
[homes]
comment = Unix homes
path = /home
# valid users = %S
read only = no
browseable = yes
It used to work when configured for local users, but now I'm not able to
access the drive for local, nor AD users.
Thanks,
Malcolm.
This e-mail and its attachments are intended for the above named only and
may be confidential. If t...
------------------------------
*From:* Malcolm Bodger
*Sent:* Fri 02/07/2010 14:42
*To:* Scott Grizzard; Malcolm Bodger
Cc: samba-technical at lists.samba.org
*Subject:* RE: ldap and active directory configuration
Hi Scott,
Thanks for this very useful information and it's giving me an insight into
Samba. Our eD...
More information about the samba-technical
mailing list