[Samba] Advice needed for Samba 3 setup for multiple Linux boxes
in established Win2k AD domain...
bugtraq at victoriareal.com
Fri Oct 24 16:16:24 GMT 2003
It was my understanding that Samba would not synchronize with Unix accounts, and as such presumed that winbind was the way to go, but on setting up a server using Samba 3.0.0-2 from either source or RPM I found that, whilst I could successfully add the server to the AD and groupmap an AD group to a local UNIX group, when I accessed the share from a win2k client logged in as a user within the mapped AD group I did not have access rights to the share.
I have probably missed something in your HOW-TO which would enable me to access the share, any pointers would be helpful.
From: John H Terpstra [mailto:jht at samba.org]
Sent: 24 October 2003 15:55
To: VR-Bug Support
Cc: samba at lists.samba.org
Subject: Re: [Samba] Advice needed for Samba 3 setup for multiple Linux
boxes in established Win2k AD domain...
On Fri, 24 Oct 2003, VR-Bug Support wrote:
> Hi all,
> I have the lucky task of being able to set-up a DEV environment for our
> developers. We plan on using redhat 9 with Samba 3 and making each
> server an AD domain member of an established Win2K domain.
> The advice I would like is the best way to implement this, I'd like to
> hopefully leave the Win2K domain admins power to create users on the
> Win2K domain, and automatically add users to the Linux Samba servers, if
> it's possible.
Samba does not do account synchronisation with UNIX. That would be a bad
solution from an administrative perspective.
Samba allows you to use NT4 domain, or Active Directory, accounts without
requiring local /etc/passwd entries. Winbind is the tool that handles
- John T.
John H Terpstra
Email: jht at samba.org
This e-mail and all attachments have been scanned by the HighSpeed Office virus scanning service powered by MessageLabs and no known viruses were detected.
Any views or opinions expressed in this e-mail are solely those of the author and do not necessarily represent those of ENDEMOL UK plc unless specifically stated.
This email and the information it contains are confidential and intended solely for the use of the individual or entity to which it is addressed. If you have received this email in error please notify us immediately and delete the copy you have received from your system.
You should not copy it for any purpose, re-transmit it, use it or disclose its contents to any other person. If you suspect the message may have been intercepted or amended please call the sender.
More information about the samba