[Samba] how to join to AD ?

mistofeles ptmusta at utu.fi
Wed Nov 25 14:51:32 MST 2009 


Jason Gerfen-2 wrote:
> 
> ADS server type will allow domain authentication for samba directories
> You will need Samba which provides winbindd, sasl, openldap, kerberos.
> Samba should be configured with ads, acl, ldap, kerberos, pam, winbind 
> options if you are building from source.
> I would configure it with the following options for optimum scalability:
> kerberos, acl, caps, cups, ipv6, ldap, pam, python, readline, winbind, 
> ads, async, automount, doc, examples, fam, quotas, selinux, swat, syslog.
> 

- Huh. In the beginning I tought all that is needed is packed to samba
packet, which is installed with 'apt-get install samba'. Your list contains
an unbelievable long list of packets and options I have seen no mention
anywhere. Now it seems that I got to rip the packet open and check it
thoroughly ?!?
The only thing I'm sure, I will not include, is this damned IPv6. 
It seems odd in my eyes, that you can set samba make the tasks we ask it
just editing the smb.conf file, if we set 'security = user', but checking
the passwords from an external server needs editing and installing so many
files.
I'm not very enthusiastic to compile anything. 


Jason Gerfen-2 wrote:
> 
> In gentoo linux the following will give you everything you need:
> USE="kerberos acl caps cups ipv6 ldap pam python readline winbind ads
> async automount doc examples fam quotas selinux swat syslog" /
> emerge mit-krb5 pam_krb5 pam_ldap openldap nss_ldap openssl cyrus-sasl ntp
> samba -va
> 
Got to go through this and check what is there already in the Ubuntu samba
deb packet :(


Jason Gerfen-2 wrote:
> 
> Here is are a few file configuration examples to get you going:
> /etc/krb5.conf
> /etc/nsswitch.conf
> /etc/samba/smb.conf
> /etc/pam.d/system-auth
> ===========
> #%PAM-1.0
> auth       required     pam_mount.so
> . . .
> session    optional     pam_krb5.so
> ===========
> I hope that helps. Also if you look at the pam configuration above you 
> will see some of the best pam modules to install with ubunu package
> manager.
> 
Do you mean by 'module' for example pam_krb5.so ?
I tought they are built in the deb packet 

Thank you.
It will take me a day to go through all that you recommend.
-- 
View this message in context: http://old.nabble.com/how-to-join-to-AD---tp26513594p26520905.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list