[Samba] Samba 3 to Samba 4
Rowland Penny
rowlandpenny at googlemail.com
Wed Jan 15 04:32:53 MST 2014
On 15/01/14 10:19, shemgp at aiias.edu wrote:
>> On 15/01/14 04:13, Shem Pasamba wrote:
>>> On 1/14/2014 7:17 PM, Rowland Penny wrote:
>>>> Ah, just a bit late, he already has ;-)
>>>>
>>>> Just waiting for him to tell us what OS's he is using, his client
>>>> smb.conf is all over the place and I think he is using a very old
>>>> distro.
>>>>
>>>> Rowland
>>> I'm using CentOS release 6.4 (Final) for the samba 4 server.
>>>
>>> Thanks for the help.
>> OK, but what OS is running on the clients ??
>> Did you compile samba4 yourself ??
> The OS running in the clients is Debian. I tried an Ubuntu 13.10 to
> connect to the samba with the same configuration of the Debian machine and
> I got the same results. The samba4 was compiled from the source including
> the bind and ntp servers.
>
OK, try this smb.conf on your Ubuntu machine:
[global]
workgroup = AIIASSAMBA4
realm = aiias.samba4.edu
server string = %h server
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = ADS
invalid users = root
winbind cache time = 100
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind expand groups = 4
winbind nss info = rfc2307
winbind refresh tickets = Yes
winbind normalize names = Yes
idmap config * : backend = tdb
idmap config * : range = 1100-5000
idmap config AIIASSAMBA4:backend = ad
idmap config AIIASSAMBA4:range = 15000-30000
idmap config AIIASSAMBA4:schema_mode = rfc2307
winbind offline logon = yes
[homes]
comment = Home Directories
browseable = no
# the line below will not allow the user to write to their own
homedirectory, I think you meant 'read only = No'
# writable = no
read only = No
create mask = 0700
directory mask = 0700
valid users = %S
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
public = no
writable = no
create mode = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
It will only work if your users have the uidNumber & gidNumber
attributes in AD and they must also fall inside the range 15000-30000
Install the new smb.conf and restart samba, then join the machine to the
domain with:
sudo net ads join -U Administrator at AIIAS.SAMBA4.EDU
When asked, enter the password you used during provision.
You will probably have to add 'winbind' to the passwd & group lines in
/etc/nsswitch.conf, but wbinfo should now work correctly and getent
passwd should display all your local & domain users.
Rowland
More information about the samba
mailing list