[Samba] Linux machine to join Samba Domain
vikas
c.vikas at altechtechnologies.com
Wed Apr 2 06:20:02 MDT 2014
Hi
thanks for reply,
i need to start from scratch can some one tell/help with sssd.
question after reading
https://wiki.samba.org/index.php/Local_user_management_and_authentication/sssd
what should i do to start ? Do i have to install sssd on server ?
i tried to compile latest version on client ubuntu 12.04 64bit but it
was asking that you do not have any openldap server so i though i should
go with apt-get install samba-common-bin sssd sssd-tools autofs krb5-user ?
Samba compile and domain option used:
./configure --enable-debug --enable-selftest
$/usr/local/samba/bin/samba-tool domain provision --use-rfc2307 --interactive
smb.conf *short version *
[global]
workgroup = IK
realm = IK.LOCAL
netbios name = DC
server role = active directory domain controller
dns forwarder = 192.168.1.1
idmap_ldb:use rfc2307 = yes
log file = /var/log/samba/log.%I
log level = 0
printing = bsd
printcap name = /dev/null
syslog = 0
# include = /usr/local/samba/etc/smb.conf.client-%I
smb.conf *long version*
http://pastebin.com/P0V8BxAF
PS: i just tried likewise which worked great but it was not what i want.
Just thinking that if likewise can work, without modifying any thing on
server how do i start with other tool(sssd,nslcd etc)
On Saturday 29 March 2014 06:33 PM, steve wrote:
> On Sat, 2014-03-29 at 17:50 +0530, vikas wrote:
>> On Tuesday 18 March 2014 08:32 PM, Sven Schwedas wrote:
>>> On 2014-03-18 15:48, vikas wrote:
>>>> hi.. all...
>>>>
>>>> can some one help me understanding how to add linux (mostly ubuntu,suse
>>>> etc)
>>>>
>>>> what exactly i am looking for is what one should do on linux machine
>>>> like editing /etc/nssswitch.conf, pam related file etc..but i dont find
>>>> any standard way where one can add any linux machine to samba domain
>>> Because there isn't any. :-)
>>>
>>>> my goal is to just get authenticate through Samba
>>> There's several ways for that...
>>>
>>> . Use winbindd. This is probably the most direct equivalent to Windows'
>>> "domain join". It's also crap and only has very limited features right
>>> now (Shell, home etc. aren't read from AD, but statically configured).
>>>
>>> . Use pam_ldap, and nss_ldap, and pam_ccreds, and probably half a dozen
>>> other ill-documented tidbits and not-quite-sufficient software bits and
>>> stitch together a working environment. It's as flexible as it's error
>>> prone, but should work with all corner cases and distributions. Eventually.
>>>
>>> . Use sssd. It's made by RedHat and should be the default for CentOS,
>>> and works sufficiently well with Samba. Needs a bit more client-side
>>> configuration than winbind iirc, but actually uses the provided AD
>>> information like shell and home dir.
>>>
>>>
>>>> Windows machine are successful getting connected to samba with all
>>>> policy working like USB disable through regedit, disable drives etc.
>>> All of these provide authentication only, though. There's no policy
>>> support, you'd need to use some other sync/deployment method for PolKit
>>> et. al. (and can't configure them via AD, as far as I know).
>>>
>>>
>> Hi..all
>> i am trying to authenticate linux machine to samba4 for which i am
>> trying very hard to do using below mention links
>> http://linuxcostablanca.blogspot.com.es/2013/04/ubuntu-client-for-samba4.html
>> http://zachbethel.wordpress.com/2013/04/10/linux-ldap-authentication-with-samba4/
>>
>> using linuxcosta link i was somewhat near to success(joined domain ) but
>> not able to login using domain user the only error it was showing was
>> could not contact to ldap server (on local machine) . On server there
>> was no error activity.
> OK, you you've joined the domain but can't authenticate? Please post:
> -smb.conf
> -/etc/krb5.conf
> -the output of:
> klist -ke /etc/krb5.keytab
> -/etc/nslcd.conf
> -/etc/nsswitch.conf
>
> And we'll get you authenticated.
> Cheers,
> Steve
> On Saturday 29 March 2014 06:48 PM, Rowland Penny wrote:
> Just what did you do? and what are you confused about?
> From what you have posted, I think that you want to authenticate ubuntu
> & suse clients to a Centos samba4 AD server. This should not be a
> problem if you follow the instructions on Steves blog :
> http://linuxcostablanca.blogspot.com.es
>
> Just try coming forward in time a bit on his blog, sometime in April
> 2013, I think.
>
>
> Rowland
>
>
>
>
More information about the samba
mailing list