[Samba] authenticate Linux users to AD on Windows 2003R2

Robert LeBlanc robert at leblancnet.us
Fri May 15 13:51:11 GMT 2009


Just FYI, you can use:

Template homedir = /home/%U

To make winbind home directories in /home rather than /home/domain.

Robert LeBlanc
Life Sciences Computer Support
Brigham Young University
leblanc at byu.edu
(801)422-1822

> -----Original Message-----
> From: samba-bounces+robert=leblancnet.us at lists.samba.org
[mailto:samba-
> bounces+robert=leblancnet.us at lists.samba.org] On Behalf Of Steve Rippl
> Sent: Thursday, May 14, 2009 10:20 PM
> To: James D. Parra; Samba
> Subject: Re: [Samba] authenticate Linux users to AD on Windows 2003R2
> 
> Well, not exactly Samba related... but we have a file server that runs
> Samba for Windows clients and NFS for the Linux ones on the same
> folders.  Both authenticate against AD (we're running 2003 with SFU
> 3.5,
> not R2).  We have uid/gid/home folder info in AD.  Linux machines
mount
> the file share /home from the files server for all home folders (fstab
> on the local machine) and then we use ldap in nsswitch to get the
> correct path to the users home folder, which is then there for them
and
> they have access to once they've logged in.  _GOT_ to make sure your
> uid/gid info in AD matches the uid/gid info on the nfs share, we use
> wbinfo and "idmap=rid" in smb.conf to script consistent uid/gids for
> our
> folders (Perl is your friend!)
> 
> We use ldap in nsswitch because we have a "non-samba" layout for our
> home folders, ie. it's not /home/yourdomain/username, but if you can
> have that setup then you can simplify things a bit by using winbind in
> nsswitch and you get the "standard" path for your home folder.  As I
> said, just make sure you've already mounted the /home on the client
> through fstab.  There are pretty good tutorials out there on most
parts
> of this for Debian/Ubuntu if you Google it (probably other Distros
too,
> I'm just biased!).
> 
> Of course I'm running a Linux File server, you'll need to use Server
> 2003 R2's nfs abilities which I've never tried, but it claims to be
> able
> to do it.  Or you could move your file server over to
Linux/Samba/nfs!!
> 
> Let me know how it works out!  I can give you more specific details if
> you want, but probably best off list I would think as it's not exactly
> Samba...
> 
> Steve
> 
> 
> James D. Parra wrote:
> > Hello,
> >
> > I have enough details on how to have Linux users authenticate to a
> 2003r2
> > AD, but I need help getting their home dir's to automatically mount
> to a
> > windows share. Any details would be greatly appreciated.
> >
> > Many thanks,
> >
> > James
> >
> 
> --
> Steve Rippl
> Technology Director
> Woodland School District
> 360 225 9451 x326
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 




More information about the samba mailing list