[Samba] Looking for successful implementation of Samba + W2K3 AD

Billinghurst, David (CALCRTS) david.billinghurst at comalco.riotinto.com.au
Mon Oct 24 22:51:18 GMT 2005 

> From: Daniel Cheong
> 
> I am desperate to know whether there is any successful 
> implementation of
> Samba 3.0.x as member server of Microsoft Windows 2003 server running
> Active Directory.

I have recently set up this configuration.  It seems to be running
OK now but it took me a while as I got confused.  I had trouble:
 - joining the server to the AD realm
 - sorting out the user mapping
The smb.conf file is trivial (below).

The samba server is a Dell 2850 running RHEL 3.  The RH binaries
of samba-3.09 didn't work for me.  I has to upgrade to samba-3.0.20b 
compiled from source.

> I have in production the said architecture and it is giving 
> me all sort of
> connection problems to SAMBA shares during peak hours when users are
> numbered as many as 500+ concurrently. When there are only few users,
> everything seems to work fine.

My samba server only has a few users.  The AD server is part of 
a global corporate network and I don't control it.

Not sure my setup is best practice, but here it is.

### /etc/krb5.conf ###
[libdefaults]
 default_realm = CAL.RIOTINTO.ORG
 
[domain_realm]
  cal.riotinto.org = CAL.RIOTINTO.ORG
 .cal.riotinto.org = CAL.RIOTINTO.ORG

### smb.conf ###
# Samba config file created using SWAT
# from 203.4.72.96 (203.4.72.96)
# Date: 2005/10/18 09:41:32
 
[global]
        workgroup = CAL
        realm = CAL.RIOTINTO.ORG
        server string = Samba Server
        security = ADS
        username map = /usr/local/samba-3.0.20b/lib/smbusers
        log level = 3
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        load printers = No
        os level = 0
        local master = No
        dns proxy = No
        ldap ssl = no

[homes]
        comment = Home Directories
        read only = No
        browseable = No
                                                                                
[tmp]
        comment = calttux001:/tmp
        path = /tmp
        read only = No

### smbusers ###
 # Unix_name = SMB_name1 SMB_name2 ...
unixusr1 = smbuser1 CAL.RIOTINTO.ORG\smbuser1
unixusr2 = smbuser1 CAL.RIOTINTO.ORG\smbuser2
unixusr3 = smbuser1 CAL.RIOTINTO.ORG\smbuser3


NOTICE
This e-mail and any attachments are private and confidential and may contain privileged information. If you are not an authorised recipient, the copying or distribution of this e-mail and any attachments is prohibited and you must not read, print or act in reliance on this e-mail or attachments.
This notice should not be removed.

More information about the samba mailing list