FW: [Samba] Cant correctly join windows 2K3 domain with Gentoo
Guillermo Gutierrez
ggutierrez at marketscan.com
Thu Sep 28 16:13:40 GMT 2006
Whoops, keep forgettingto hit "Respond to all".
-----Original Message-----
From: Guillermo Gutierrez
Sent: Wednesday, September 27, 2006 1:14 PM
To: 'Aaron Kincer'
Subject: RE: [Samba] Cant correctly join windows 2K3 domain with Gentoo
Please help me. I wound up not being able to log back in to my samba
server.
I realize thatI can boot up to the live cd and undo my changes. But I
really could use some sama expertise in realizing my goal of connecting
it to an Active Directory domain AND being able to utilize single-sign
on fr ssh and console.
-----Original Message-----
From: Aaron Kincer [mailto:kincera at gmail.com]
Sent: Wednesday, September 27, 2006 10:32 AM
To: Guillermo Gutierrez
Subject: Re: [Samba] Cant correctly join windows 2K3 domain with Gentoo
You are asking the wrong person--I don't know. Send it to the list.
Guillermo Gutierrez wrote:
> Yes, I want a single-signon so that I can log onto the samba server
> with using an active directory domain user. But if the instructions
> are using ldap to join the active directory domain, should I need
winbind at all?
>
> -----Original Message-----
> From: Aaron Kincer [mailto:kincera at gmail.com]
> Sent: Wednesday, September 27, 2006 8:17 AM
> To: Guillermo Gutierrez
> Subject: Re: [Samba] Cant correctly join windows 2K3 domain with
> Gentoo
>
> Gotcha. I'm not immediately aware of why you would want to do this
> unless you are providing shell-based services and want a single
> sign-on for that in addition to Active Directory accounts. I've never
> tried that, so maybe someone here will want to give you more info. I
> just tried logging into my samba server using a domain account and it
> wasn't very cooperative. I tried using the short name (just the
> username) and got an access denied. When I used the
> domainname+username, an interesting thing happened. A directory under
> /home/domainname/ was created for the user, but no login occurred.
>
> I did find this webpage that seems to claim to offer what you need:
>
> http://weblog.bignerdranch.com/?p=6
>
> Hope that helps.
>
>
>
> Guillermo Gutierrez wrote:
>
>> Forgive my ambiguity, I am not able to log in to the samba server
>> itself using a domain login.
>>
>> -----Original Message-----
>> From: Aaron Kincer [mailto:kincera at gmail.com]
>> Sent: Wednesday, September 27, 2006 7:43 AM
>> To: Guillermo Gutierrez
>> Cc: samba at lists.samba.org
>> Subject: Re: [Samba] Cant correctly join windows 2K3 domain with
>> Gentoo
>>
>> What are you trying to "log in" to? Do you mean connect to a share or
>> log in to the samba server itself on a shell?
>>
>> Guillermo Gutierrez wrote:
>>
>>
>>> Well...eventually I continued on to the "net ads join" command but I
>>> still couldn't get any domain users or groups to show.
>>> After that I started up winbind and a few minutes later I saw users
>>> and groups.
>>>
>>> Even though I can see domain info usingthe "getent passwd" command I
>>> still cannot log in as a domain user.
>>>
>>> -----Original Message-----
>>> From: Aaron Kincer [mailto:kincera at gmail.com]
>>> Sent: Wednesday, September 27, 2006 6:21 AM
>>> To: Guillermo Gutierrez
>>> Cc: samba at lists.samba.org
>>> Subject: Re: [Samba] Cant correctly join windows 2K3 domain with
>>> Gentoo
>>>
>>> Have you performed a net ads join command yet?
>>>
>>> Guillermo Gutierrez wrote:
>>>
>>>
>>>
>>>> Help me please, I am getting desparate.
>>>> I have tried to the follow the following how-to for joining a
>>>> Gentoo
>>>>
>
>
>>>> Linux samba server to a windows 2003 domain and cant seem to get
>>>> the
>>>>
>
>
>>>> the "getent passwd" command to any domain users.
>>>>
>>>> Here is the document that I was following:
>>>> http://gentoo-wiki.com/HOWTO_Adding_a_Samba_Server_into_an_existing
>>>> _
>>>> A
>>>> D
>>>> _D
>>>> omain
>>>>
>>>> Here is my smb.conf as well:
>>>>
>>>> # Global Configurations
>>>> [global]
>>>> # Netbios Identification
>>>> netbios name = Solidus
>>>> workgroup = marketscan
>>>> realm = MARKETSCAN.COM
>>>> server string = %h, Gentoo Samba Server %v
>>>>
>>>> # Logging Options
>>>> log file = /var/log/samba/log.%m
>>>> max log size = 50
>>>> log level = 5
>>>>
>>>> # smb password backend
>>>> # commented out to see if changing it to ldapsam works any
>>>> better
>>>> ; passdb backend = tdbsam
>>>> passdb backend = ldapsam:ldap://10.11.3.177
>>>>
>>>> # Winbind, Domain Options
>>>> password server = *
>>>> encrypt passwords = yes
>>>> security = ads
>>>> client signing = yes
>>>> template homedir = /home/MARKETSCAN/%U
>>>> template shell = /bin/bash
>>>> winbind enum users = yes
>>>> winbind enum groups = yes
>>>> winbind use default domain = yes
>>>> idmap uid = 10000-20000
>>>> idmap gid = 10000-20000
>>>>
>>>> # Network Settings
>>>> socket options = TCP_NODELAY
>>>> interfaces = eth0 lo
>>>> bind interfaces only = yes
>>>> socket address = 10.11.3.210
>>>>
>>>> # Master Browser options
>>>> local master = no
>>>> os level = 2
>>>>
>>>> # WINS and DNS Options
>>>> wins server = 10.11.3.177
>>>> dns proxy = yes
>>>>
>>>> # Share level configuration settings # # Public share [public]
>>>> comment = Public Volume on %h
>>>> path = /home/samba/public
>>>> valid users = +users
>>>> writeable = yes
>>>> public = yes
>>>> force create mode = 0766
>>>> force directory mode = 0766
>>>> guest ok = no
>>>>
>>>> # Home directory for valid users.
>>>> [homes]
>>>> comment = Home Folder for %u
>>>> valid users = %S
>>>> browseable = no
>>>> writeable = yes
>>>> force create mode = 0700
>>>> force directory mode = 0700
>>>>
>>>> Please do point out any and all flaws in my config or the document
>>>> that I mentioned above.
>>>>
>>>> Thanks,
>>>>
>>>> Guillermo Gutierrez
>>>> Network Administrator
>>>> Market Scan Information Systems, Inc
>>>> (818) 575-2000 x2017
>>>> ggutierrez at marketscan.com
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>
>
>
More information about the samba
mailing list