Samba authentication to Windows PDC?
Bryan O'Neal
BONeal at cornerstonehome.com
Thu Oct 25 20:20:33 MST 2007
That is a very nice write up. Here is another if you would like it
http://www.section6.net/wiki/index.php/Configuring_Samba3_to_be_a_Window
s_Domain_Member
________________________________
From: plug-discuss-bounces at lists.plug.phoenix.az.us
[mailto:plug-discuss-bounces at lists.plug.phoenix.az.us] On Behalf Of Luis
Villarreal
Sent: Thursday, October 25, 2007 1:18 PM
To: Main PLUG discussion list
Subject: Re: Samba authentication to Windows PDC?
I know im a little late to the discussion but this maybe of some help. I
used this howto
found at http://xciprox.googlepages.com/winbind.pdf but I can't remember
where i found it, but kudos to the person that wrote it. It is debian
based but im guessing can it be applied to redhat equivalent values.You
actually have to configure a number of things, primarily pam to allow
active directory logons. Then as Dan stated add the "user+ADGROUP"
values to each share in smb.conf.
On 10/22/07, Dan Lund <situationalawareness at gmail.com > wrote:
it's my understanding that with winbind you have the capability in the
smb.conf to set allows for an AD group, or a certain user in the AD
group.
i.e. user+ADGROUP
I wrote a document on this for my previous job but I need to dig it
up.. that is, unless someone else wants to elaborate :)
On 10/22/07, Alan Dayley <alandd at consultpros.com> wrote:
> Goal: Configure Samba on a Linux server to authenticate users against
> the Windows 2003 Server domain controller.
>
> Linux server
> ------------
> - Red Hat Enterprise Linux 5
> - Samba 3.02325202
> - Configuration via Webmin or Red Hat configs or command line
> - Root access available
>
> Windows Domain Controller
> -------------------------
> - Active Directory is active, if that matters
> - LDAP service is available (Bugzilla on the Linux server is already
> correctly authenticating via LDAP to the Windows server)
>
> I have, so far, successfully configured Samba to serve up directories
> that are read/writable by all guests or read-only by all guests. I
need
> to configure shares that are writable by only one or a few users and
> read-only to many others. Such restrictions should be based on the
> Windows domain controller user credentials. (In fact, it would be
great
> to have all user credentials for access on the Linux server be from
the
> domain controller.)
>
> I am wading through much documentation on the subject. So far my
> understanding is too weak to arrive at the result I want. If anyone
has
> any help to share in this regard, I appreciate it.
>
> Alan
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
--
Thanks,
Dan Lund
"The major difference between a thing that might go wrong and a thing
that cannot possibly go wrong is that when a thing that cannot
possibly go wrong goes wrong it usually turns out to be impossible to
get at or repair."
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20071025/96ded813/attachment.htm
More information about the PLUG-discuss
mailing list