LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-23-2002, 07:35 AM   #1
Lutzer
LQ Newbie
 
Registered: Jul 2002
Location: Hamburg, Germany
Distribution: Suse Linux 8.0
Posts: 5

Rep: Reputation: 0
Question SAMBA (again) using a Win-Domain-Controller


Hey all, newbie seeking help.
I see my linx share, no probs. Can edit files, delete, add whatever.

Now I am trying to configure the samba server in order to be able to change user rights for linux shares vie windows machines. thus preparing the samba server to be compatible with active directory.

any clues ? hints ? tips ?

thanks,

answers apreciated..

Lutzer
 
Old 07-23-2002, 10:21 AM   #2
turnip
Member
 
Registered: Jul 2002
Posts: 143

Rep: Reputation: 15
You cannot change user rights on directories with a NT domain controler. You can setup samba to join an nt domain and even authenticate users off the nt box (ones that do not exist on the nix box) You need winbindd for this. however, part of the setup screws your system accounts. You have to heavily edit /etc/pam.d/* to point all authentication to winbind, as well as editing nsswitch.conf.

Leave the sshd file in pam.d alone. so in the event you jack your system you can still login through ssh. But I don't think you can define shares on the nt box and have them be valid on nix. I could be wrong tho I havn't spent any time playing with winbind in depth
 
Old 07-23-2002, 11:01 AM   #3
Lutzer
LQ Newbie
 
Registered: Jul 2002
Location: Hamburg, Germany
Distribution: Suse Linux 8.0
Posts: 5

Original Poster
Rep: Reputation: 0
thanks,

I read about editing the files, but most of the articles were about RH linux. any differences to SuSe 8.0 ?
so how exactly do I change the according files ?

thanks in advance
 
Old 07-23-2002, 11:28 AM   #4
turnip
Member
 
Registered: Jul 2002
Posts: 143

Rep: Reputation: 15
nsswitch.conf passwd: files winbind group: files winbind

All files in pam.d EXCEPT sshd..

auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok


replace the account lines with this:
account required /lib/security/pam_winbind.so

smb.cof [global]
winbind separator = +
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
winbind uid = 10000-20000
winbind gid = 10000-20000
workgroup = DOMAIN
security = domain
password server = *



Once you made all the changes restart samba. make sure winbindd is running. ps -ef |grep winbindd if not go to /etc/init.d
./winbindd

smbpasswd -j DOMAIN -r PDC -U Administrator

then check that it actually worked with

wbinfo --help (i cant remember the switches)

getent passwd
getent group

Some files might be in different places. All pam.d entries are replacements for lines there so if the line begins with auth or account replace it.

This will break root logins on the nix box. along with any other user account not in MS-AD

depending on the speperator you use the login now looks like this

domain+user or user+domain, I cannot remember which.

This is an example and by no means should you expect it to work the first try. Also if you make all the entries into pam.d/* EXCEPT sshd and you cant login through X or a shell. You will still be able to over ssh. And even if you can login. it wont be as root. or with root access. So my suggestion is to leave sshd a lone so you can still get root on the box.

Last edited by turnip; 07-23-2002 at 11:39 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
samba as a domain controller paul_mat Linux - Networking 1 02-08-2005 11:43 AM
help with new samba domain controller bladrag Linux - Networking 5 05-04-2004 09:52 PM
Samba as a Domain Controller mfeoli Linux - Networking 0 01-13-2004 09:32 AM
samba as a domain controller elements Linux - Networking 1 01-02-2004 06:17 PM
adding win 2000 server domain controller, bind dns GraemeK Linux - Networking 6 08-23-2003 05:44 PM


All times are GMT -5. The time now is 05:04 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration