[Samba] how to join to AD ?

Diego Zuccato diego.zuccato at unibo.it
Mon Nov 30 00:38:18 MST 2009 

mistofeles wrote:

> I have but two Linux user in the server: root and myself. If I try to add
> one, Samba checks the user from the AD and doesn't want to adduser or
> useradd  any, who alreay is in AD.
Right.
Use domain tools to add users to domain.
And keep different names for domain and local users (at least till 
you've figured out EXACTLY how it works!).

> I have logged in my WinXP as myself and I see my linux directory as
> \\server\myself
You shouldn't. You should access /home/DOMAIN/myself instead of 
/home/myself, UNLESS you've setup permissions in a "strange" way (as 
said in other posts, with all domain users mapped to a single Linux user).

> If I now write \\server\myfriend to the addres line of My Computer, I get
> another icon '\\server\myfriend' (registered user). Behind this icon is the
> directory \\server\myself. So, now I have two ways to get in to my
> directory. If I try \\server\another_friend (registered user), I get again
> to my directory and on the top level I have icons \\server\myself and
> \\server\another_friend. icon \\server\friend has disappeared.
I don't understand why you get another icon in any case, unless you've 
setup home dirs to always point to the same user's home.

> I build in linux a directory /home/minime. I n my Win7 box I log with name
> mini_me (registered user) Now I can see dir \\server\mini_me as it should be
> and not any other users dir. Praise goods its friday.
Is mini_me mapped to another Linux user?

You're messing things a lot. Maybe it's better if you restart, keeping 
separate users for Linux and domain.
Then setup (with winbind) PAM to let domain sers login to the Linux box, 
with homes in /home/DOMAIN/user .
The really important thing to remember is that YOU HAVE TO KEEP DOMAIN 
UIDs/GIDs in a well-defined range, out of the range used for standard 
(local Linux) users.

Given this, you'll have a solid starting point to experiment from.
Follow the KISS principle.

-- 
Diego Zuccato
Servizi Informatici
Dip. di Astronomia - Università di Bologna
Via Ranzani, 1 - 40126 Bologna - Italy
tel.: +39 051 20 95786
mail: diego.zuccato at unibo.it

More information about the samba mailing list