[Samba] Samba and ADS

[markus]

Hi Bruno,

if I understand you right, you want to setup multiple Samba Domain 
Member Server on virtual machines. May I ask you why? This makes no 
sense for me. If you want to use the AD for your linux clients as the 
user and password server, you just have to start winbind on your 
(virtual) clients. That's it. If I am wrong and you really want to setup 
more than one Domain Member Server, be sure to use another idmap backend 
(ldap or rid). In this case you have to do a "net ads join" for every of 
these machines. Or you let create a user with administrator privileges 
you can use.

-markus

Bruno Gola wrote:
> Hello guys :-)
>
> Last week I was configuring a samba server here in my linux box to act as a
> AD Domain member. Using Samba, kerberos5 and winbind i finally did it. Now,
> i have another problem, for each machine that i wanna do this, i need to add
> this machine in the Win2k AD Server (with the command net ads join -UAdmin
> etc) but, the problem is that i dont have the permission (or the admin
> account) to do this, so everytime i create a new machine in vmware i need to
> call the infra structure guys, and i dont want this, so the solution was, to
> create a new samba server that will be a domain controller, and my Virtual
> Machines would auth against this serverm and this server would auth each
> user against the AD.
>
> Example:
>   $USER auth           check the $USER and passwd @ AD
> VM ---------> Samba ------------------------------ -------> AD
>
> Resuming, the AD will be just a passwd server for samba.
>
> Does anyone knows if it is possible? Is there a way ?
>
> Thanks!
>
> Bruno Gola
>