Samba as ADS member server
Benjamin Scott
bscott at ntisys.com
Mon Jan 31 19:52:00 EST 2005
On Mon, 31 Jan 2005, at 2:40pm, bill at bfccomputing.com wrote:
> Does anybody have an smb.conf for a Samba 3 server as an ADS member server
> (using ADS for authentication)?
The key ingredient is to put
security = ADS
realm = ad-domain.example.com
in your smb.conf file.
The Kerberos stuff is "magic" to me. I just followed the HOWTO, which
basically says "don't screw with it unless you have to". I didn't have
to.
To actually create the trust relationship between Samba and AD, you need
to run this command once:
net ads join -U Administrator%password
I think that was all of it.
> I suspect I'm doing something wrong in configuring the LDAP lookups but
> I'm not finding out where...
Hrm? I've never had to worry about the internals of LDAP with Samba in
AD. Samba just makes all that happen for me. Maybe that's your problem?
Samba as an ADS member is not the same as Samba as a stand-alone using an
LDAP backend for the password database.
--
Ben Scott <bscott at ntisys.com>
| The opinions expressed in this message are those of the author and do |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind. |
More information about the gnhlug-discuss
mailing list