[Samba] doubt
Rowland Penny
rpenny at samba.org
Mon Apr 17 17:35:58 UTC 2017
On Mon, 17 Apr 2017 14:28:12 -0300
Luiz Guilherme Nunes Fernandes <narutospinal at gmail.com> wrote:
> This problem, in the computer park there is a domain controller
> microsoft without shared printers, I need to use another server with
> samba shares + cups, but with authentication in the microsoft active
> directory. I try parameters securty = ads (join machine in domain)
> and user ( cant read users with nslcd and nsswitch , but only work
> with ssh and apache.
>
> Topology
>
> 1 server microsoft windows ( Have user and groups tree and shared
> paste) ( This server ok, work with pdc, and shared paste )
> 1 Linux with samba and need only shared printers with authentication
> in previous server . ( No work )
>
>
> Rowland Penny
> What I basically want to do is use the users and groups from the
> active directory in my new samba with shared printers. What I can not
> do this authentication.
>
> This question is, i can use winbind for new shared printers? i join
> the machine in domain, and cups work with anonymous. But any idea?
>
>
> # My mini tutorial
>
> #########################
> (First test)
> #########################
>
> realm join --client-software=winbind -U login NONAME.COM.BR
> realm list
> authconfig --enablewinbindusedefaultdomain --update
>
> wbinfo -t
> wbinfo -g
> wbinfo -u
>
> Work (join in domain, and list groups and users)
>
> i can use for authentication ssh and apache (work)
>
> ### My problem
> Acually File with winbind
>
> workgroup = NONAME
> realm = NONAME.COM.BR
> security = ads
> idmap config * : range = 16777216-33554431
> template homedir = /home/%U@%D
> template shell = /bin/bash
> kerberos method = secrets only
> winbind use default domain = true
> winbind offline logon = true
> log file = /var/log/samba/log.%m
> log level = 3
>
>
> passdb backend = tdbsam
> printing = cups
> printcap name = cups
> load printers = yes
> cups options = raw
> winbind refresh tickets = yes
> winbind enum groups = no
> winbind enum users = no
>
> [homes]
> comment = Home Directories
> valid users = %S, %D%w%S
> browseable = No
> read only = No
> inherit acls = Yes
>
> [printers]
> comment = All Printers
> path = /var/tmp
> printable = Yes
> create mask = 0600
> browseable = No
> valid users = abc, bcd, dce, @grups_printers
>
> [print$]
> comment = Printer Drivers
> path = /var/lib/samba/drivers
> write list = root
> create mask = 0664
> directory mask = 0775
>
> #########################
> (Second test)
>
> ### My problem
> #########################
>
> yum install -y nss-pam-ldapd nscd
>
> ldapsearch ( work, i can search and groups and users too)
>
> nslcd.conf work too
>
> i can use for authentication ssh and apache (work)
>
> ### My problem
> Acually File with samba
> [global]
>
> workgroup = NOMEDOMINIO
> netbios name = MADAGASCAR
> server string = Servidor de Arquivos
>
> security = user
> encrypt passwords = true
> enable privileges = yes
> passdb backend = tdbsam
>
> printing = cups
> load printers = yes
>
> enable privileges = yes
>
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
>
> [print$]
>
> path = /var/samba/printers
> read only = yes
> write list = printer
> inherit permissions = yes
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> browseable = yes
> guest ok = yes
> writable = no
> printable = yes
> valid users = abc, bcd, dce, @grups_printers
>
>
>
Are you using sssd as well ?
If so, you should decide which to use, sssd or winbind, you cannot use
both.
If you are not using sssd, you haven't set up the smb.conf correctly,
see the pages I pointed you to.
If you are using sssd and want to continue using it, you should remove
winbind and then contact the sssd-users mailing list, this is not a
Samba problem.
Rowland
More information about the samba
mailing list