[Samba] Samba 3 + Win2k = Headache

Shannon Johnson sjohnson at engr.psu.edu
Thu May 20 18:16:42 GMT 2004 

I have a feeling I may have lost focus on the issue in some of my
previous messages... so here's my dilemma.

I have several Windows (2000 and XP) clients, and several Linux (Red Hat
Enterprise 3, 2.4.21 kernel) clients. I've got a couple servers, one is
currently Windows 2000 Server, and one is Linux (same as above, with the
snapshot Samba running). I want to be able to have users log into the
Linux clients, authenticated through the Windows server, and access
their home directory from the Linux server. That's the goal in a
nutshell... Here's a very brief summary of the problems I've run into
with all of the solutions I've tried:

1. I tried having the clients use SMB to mount their home directory, but
realized that SMB doesn't support hard or symbolic links, apparently
despite the "unix extensions = yes" option being set. It may be that the
"unix extensions" option only applies to cifs clients, which leads us to
#2.

2. I tried to apply the cifs patch to a couple of my Linux client
machines, but for one reason or another, the module never wants to
either get compiled, or be inserted into the kernel. The kernel gives me
hundreds of errors if I try to compile it, after having downloaded the
source right from Red Hat, in RPM format... even when I copy the
/boot/config-2.4.21-15EL to the source directory and try to compile. 

3. Having lost faith in SMB and CIFS, I moved on to NFS. However, since
my authentication is going through the Windows server via winbind, each
client is getting different UID's and GID's for the same user. So, I
tried idmap_ad, after installing the Services for Unix 3.5 on the
Windows server, but can't get the clients to pull the UID and GID we set
on the server. It keeps using its own local algorithm and coming up with
its own UID/GID. I've tried removing the winbindd_idmap.tdb and
winbindd_cache.tdb, and setting the "idmap backend =
ad:ldap://servername" in the smb.conf, but to no avail.

4. We're currently considering dropping the Samba server altogether,
since nothing we do seems to work, but even that's causing problems. To
get it to work, we have to use NIS for authentication, and access all
the home directories via NFS. This all apparently requires much
configuration on the Windows server, and is causing me headaches...
besides, being an anti-Microsoft guy, I feel like I'm abandoning my
brethren in Linuxland.

I'm very open to suggestions... I've just about exhausted all the
options I can think of... so if anybody has any advice, please let me
know.

Shannon

____________________________
 
Shannon Johnson
Network Support Specialist / Systems Administrator
Dept. of Mechanical and Nuclear Engineering
224 Reber Building
University Park, PA 16802
Phone: (814) 865-8267
____________________________

More information about the samba mailing list