[Samba] Samba in 2003 ADS
Nic le Roux
nicl at rohlig.co.za
Thu Jan 15 12:36:58 GMT 2004
Good Morning/Afternoon/Evening.
I'm a bit dejected at the moment as all my googleing / howto reading has
brought me no joy,
Apparently there are people out there who have successfully set up Samba
as member server in M$ 2003 ADS.
However I have miserably failed / given up.
What I want to do is have my people print to a PDF printer on Linux using
cups after which they will be emailed the doc using a package called
Alambic.
It works pretty well however I need a username to send the email to as the
username is mapped to an email address in a config file.
Is there possibly another way of having my users connect to the Samba Box
with their domain user name ?
The requirement is a single sign on to the domain where they will not be
prompted to authenticate again to the Samba box.
Please any help will be appreciated,
Thanks
Nic
Ps. incase anyone is interested maybe I can still save the ADS project
I'm using Samba 3.0.2pre1
Kerberos 1.3.1
Here is Samba Config
[global]
workgroup = domain
realm = domain.co.za
security = ads
password server = 172.28.20.2
winbind use default domain = yes
client use spnego = yes
encrypt passwords = yes
server string = %L Print Server (%v)
winbind separator = +
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/winnt/%D/%U
template shell = /bin/bash
printcap name = cups
load printers = yes
printing = cups
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins server = 172.28.20.2
dns proxy = yes
krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = DOMAIN.CO.ZA
default_tgs_enctypes = des-cbc-md5 des-cbc-crc
default_tkt_enctypes = des-cbc-md5 des-cbc-crc
permitted_enctypes = des-cbc-md5 des-cbc-crc
kdc_req_checksum_type = 2
checksum_type = 2
ccache_type = 1
forwardable = true
proxiable = true
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
DOMAIN.CO.ZA = {
kdc = server.domain.co.za
admin_server = server.domain.co.za
default_domain = DOMAIN.CO.ZA
}
[domain_realm]
.server.domain.co.za = DOMAIN.CO.ZA
server.domain.co.za = DOMAIN.CO.ZA
Following received in Winbind log
[2004/01/15 14:02:00, 1] libads/ads_ldap.c:ads_name_to_sid(64)
name_to_sid: root not found
[2004/01/15 14:02:00, 1] nsswitch/winbindd_group.c:winbindd_getgroups(960)
user 'root' does not exist
Following in Cleint log
More information about the samba
mailing list