[Samba] Help with Domain Authentication

[Tim Holmes]

Good Morning Everyone:

 

I am running into a problem here that is beginning to frustrate me very
seriously.

 

I am running a windows 2003 Active Directory Domain that has several
Fedora Core 2 Servers in it.  One of the servers is a file server, and
another is a webserver, both of which run samba (what ever version a
recent yum update would have updated FC2 to).  I have a computer class
that will be starting creating websites this week in Front Page, and I
need to create webspace for them to post their sites to.

 

I can do this, but the procedure is very very clumsy, time consuming and
not particularly secure, and I need to get it updated and working right.

 

As it currently stands, the procedure is as follows:

 

1 Create the user directory on the webserver

2. Create the linux user - system/users and groups

3. Create a public_html directory under their home directory

4. chmod home directory 755

5. chmod public_html directory 755

6. chown home directory -R to user

7. chgrp home directory to apache

8. create samba user -- system-config-samba

9. input windows password into samba as samba password

 

 

everything should then work

 

This procedure works.  It takes 3 - 5 minutes per itineration, which
gets tedious at best.  The problem comes in the fact that next year we
want to implement a similar system for storing all of our user files on
our samba file server, and creating 250 accounts like this is just out
of the question.  

 

I realize that I am a new linux administrator, and that my understanding
of Linux and Samba are fairly limited, but it seems that there must be
an easier way of accomplishing this.  The point that especially wrankles
me is having to ask the user for their password, and then manually enter
it into samba to get it to recognize the password, it should be able to
authenticate against the active directory and work that way.  

 

I suspect that there is something that I am not doing correctly.  The
major concern and the place that I need the most help is getting the
authentication set up correctly to use the Active Directory.  It greatly
concerns me to have to ask each user for his/her password to input into
smbpasswd, I understand that samba should be able to query the AD
security database, but I cant figure out how to make it happen.

 

I can be reached on list, off list at tholmes at mcaschool.net and on
instant messenger - yahoo instant messenger - w8tah  aol instant
messenger w8tahham.

 

I am getting desperate here, as I am facing several hours of creating
accounts that I really don't have time to do.  Everything is fair game
including trashing my current samba configuration and starting over, I
just need help

 

TIM



 

Tim Holmes

 

IT Manager / Webmaster

Medina Christian Academy

A Higher Standard...

 

Jeremiah 33:3

Jeremiah 29:11

Esther 4:14