Authenticating users against AD *without* joining the domain?
Ben Scott
dragonhawk at gmail.com
Wed Feb 13 11:53:21 EST 2013
On Wed, Feb 13, 2013 at 11:03 AM, Rudolph, Frank
<rudolph at beaconpower.com> wrote:
> We have all our Linux boxes (we have about 50 of them connected
> together under the umbrella of a MS Exchange Server)
Uh... just FYI, Exchange has nothing to do with
SMB/CIFS/NetBIOS/etc. That might be your problem right there. :-)
> We rely on the firewall of the Exchange Server ...
Nor is Exchange a firewall. Exchange is a mail server. :-)
> Here was the most important piece: We DO NOT REFER TO
> THE LINUX SERVERS BY THEIR NETWORK NAMES.
You have no name resolution configured in the provided Samba config
file; I suspect that's part of your problem. The defaults use
broadcasts, which are unreliable at best, and often don't work at all.
If you're in a good-sized Microsoft shop, and there is a need or
desire to support NetBIOS (very common), the Windows admins very
likely using WINS (NBNS), and you're going to need to configure that.
The Windows people may also have disabled broadcast name resolution
entirely.
Alternatively, the Windows admins may have gone entirely to using
DNS names, and you're going to need to configure Samba to know that.
-- Ben
More information about the gnhlug-discuss
mailing list