[Samba] Linux Desktop as Windows Machine Logon

Gaiseric Vandal gaiseric.vandal at gmail.com
Mon Jun 14 16:43:22 MDT 2010


On 06/14/2010 05:58 PM, Alberto Moreno wrote:
> On Mon, Jun 14, 2010 at 2:40 PM, John Drescher<drescherjm at gmail.com>  wrote:
>    
>> On Mon, Jun 14, 2010 at 5:36 PM, Alberto Moreno<portsbsd at gmail.com>  wrote:
>>      
>>>   Hi people.
>>>
>>>   I would like to know if this is possible.
>>>
>>>   Working with windows is easy to login, automatically add the user
>>> home folder and shares, easy.
>>>
>>> I would like to know if this behavior could be set up in a Linux
>>> Desktop, I would like to set this up with Centos+Ubuntu desktops.
>>>
>>>   Both machines running Desktop software, cannot authenticate against
>>> LDAP, I already set up ldap clients on both machines, by ssh I can
>>> access using my LDAP credentials, the LDAP server is my PDC running
>>> samba+ldap and works.
>>>
>>>   But when I try to log in with some user from LDAP to Desktop session it
>>> won't accept my user, I even set up inside each Gnome session the ldap
>>> settings.
>>>
>>>        
>> Yes that works for me under gentoo. You need to however set up pam and
>> nsswitch to use ldap.
>>
>> John
>>
>>      
> Hi John.
>
> Thanks for your quick answer.
>
> Just to add, with Centos using authconfig-tui you set up your machine to
> authenticate vs ldap, it works, this changes nsswitch.conf, after this
> you can use the users from ldap inside Centos.
>
> Just need to verify pam, thanks John.
>
>
>    
I run RedHat EL 5.x and Fedora Core 11 Linux clients with a Sun
Directory Server as the LDAP server.  I found I needed a few extra
steps.

If you are using autofs for your home directories you may need to
specify a "rootbinddn" value in /etc/ldap.conf (with perms 700).
This also requires storing the password in /etc/ldap.secret.  Autofs
runs with the root user privileges and not the real user's privileges.
Sometimes if your home directory fails to mount it causes your login
session to fail.  (Alternately, you may be able to use an ldap proxyuser
account but it may not be secure.)

Make sure in /etc/ldap.conf that parameters like "nss_base_group" are 
set correctly.

Make sure that /etc/sysconfig/autofs specifies the correct ldap naming
schema.  And you may want to check /etc/auto_master etc.  My ldap
backend was tweaked to support solaris and linux autofs clients; you
may not need to do this.



This isn't really a samba issue.   I didn't need to change pam.
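
An added example, not part of the original message: a shell check for the client-side settings discussed in this thread (rootbinddn with /etc/ldap.secret, a proxy-user password in /etc/ldap.conf, and ldap sources in nsswitch.conf). The function name, the optional ROOT argument and the mode-600 expectation for the secret file are assumptions of this example, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example (not from the original post): audit an nss_ldap/pam_ldap client.
# Usage: audit_ldap_client [ROOT]   (ROOT = alternate filesystem root, for testing)
# Prints one line per finding; the exit status is the number of FAIL findings.

# True if FILE has any of the permission bits in octal MASK set (GNU stat assumed).
has_bits() { [ $(( 0$(stat -c '%a' "$1") & $2 )) -ne 0 ]; }

audit_ldap_client() {
    root=${1:-}
    conf="$root/etc/ldap.conf"
    secret="$root/etc/ldap.secret"
    nss="$root/etc/nsswitch.conf"
    fails=0

    # rootbinddn is the DN used when the caller is root (autofs runs as root);
    # its password lives in ldap.secret, which only root should be able to read.
    if grep -Eiq '^[[:space:]]*rootbinddn[[:space:]]+[^[:space:]]' "$conf" 2>/dev/null; then
        if [ ! -f "$secret" ]; then
            echo "FAIL: rootbinddn is set but $secret does not exist"
            fails=$((fails + 1))
        elif has_bits "$secret" 077; then
            echo "FAIL: $secret is accessible to group/other; expected mode 600"
            fails=$((fails + 1))
        fi
    else
        echo "INFO: no rootbinddn in $conf; root lookups use binddn or an anonymous bind"
    fi

    # A proxy-user password (bindpw) in a world-readable ldap.conf is exposed
    # to every local account on the desktop.
    if grep -Eiq '^[[:space:]]*bindpw[[:space:]]' "$conf" 2>/dev/null && has_bits "$conf" 004; then
        echo "FAIL: $conf contains bindpw and is world-readable"
        fails=$((fails + 1))
    fi

    # Desktop logins need both passwd and group to list ldap as a source.
    for db in passwd group; do
        if ! grep -Eq "^$db:(.*[[:space:]])?ldap([[:space:]]|\$)" "$nss" 2>/dev/null; then
            echo "FAIL: $nss has no ldap source for '$db'"
            fails=$((fails + 1))
        fi
    done
    return "$fails"
}
```

Run `audit_ldap_client` with no argument on the client itself; it does not check file ownership or whether values such as nss_base_group point at the right subtree.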