[Samba] Configuring a Samba Domain Member Server

Thomas, Daniel J. Daniel.Thomas at jhuapl.edu
Wed Feb 6 09:39:03 GMT 2002

Duh!  Just RTFMed... OK, so they say that Winbind is currently only
supported for Linux.... but it can be ported to other flavors of Unix?  This
means to force the option to compile winbind when building Samba on a
Solaris system?  

Has anyone done this? 

If this doesn't work is there any way to configure a Linux machine to acts a
negotiator between the Sun server and the NT domain?  

Since we know this works on Linux, can the Linux box pass the domain info to
the sun box somehow?


-----Original Message-----
From: Thomas, Daniel J. [mailto:Daniel.Thomas at jhuapl.edu]
Sent: Tuesday, February 05, 2002 2:16 PM
To: 'samba at lists.samba.org'
Cc: Wieprecht, Karen M.
Subject: [Samba] Configuring a Samba Domain Member Server

Hey all,
	We are having some trouble getting samba to behave the way we think
it should.  We would like to get our filer server (A Sun Enterprise 3500
running Solaris 2.8) to integrate as close as possible to our PC
workstations which primarily access this file server.

	Our ultimate goal is to configure Samba so it can authenticate users
who have access to it's file shares through our NT domain controllers.  We
have set share level = domain and added the samba server to the NT domain
after upgrading to Samba 2.2.2.  This has helped some, however we aren't
quite where we want to be.  

	Basically, the NT users we have don't necessarily have a
corresponding UNIX account and don't really need one.  We would like to
avoid having to maintain user accounts on the file server all together and
would like authentication to be handled by the NT Domain.  

Currently, we have the guest account access enabled to map everyone through
one user account, however if we disable this, domain users who don't have
Unix user accounts can't access the shares on the file server (get prompted
for user name and password).

I've seen something about a "Winbind" service.  It is my understanding that
this might be what I need to do what I'm looking to do?  Will it run under
Solaris 2.8?  

According to the Samba guide, when you compile samba, this service is build
automatically if it is supported by the OS, but we don't see it installed
anywhere and the winbind service certainly isn't running.  This is what led
me to believe that it might be incompatible with Solaris 2.8 on SUN
Enterprise 3500 hardware.

Also I noticed that when users can in fact write to the shares if they
aren't a guest, then it records the file owner as [samba server]\[user name]
rather then [NT Domain]\[user name] (when looking at the file security
permissions from a Windows 2000 Pro box).  I assume this is because it is
mapping the user name to a known Unix user.

-Dan Thomas

Daniel J. Thomas
Systems Administrator
Johns Hopkins University
Applied Physics Laboratory
Laurel, MD

Balt:    (443) 778-7924
Wash:  (240) 228-7924

"Always avoid a bad file copy...
You can never know when your replication proceeds you."
                               -Anonymous Author

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list