I'm in a simular situation, so let me jump in! My query is simular, I'm a bit further however than the origional poster... But perhaps it may help. As I research all this, I keep comming across good posts here...
Like the orig. poster, I'm putting together a test Suse 9 server for a intranet server I will be creating. We are mostly a Windows based network, with an Win 2k3 AD domain.
While I've used Linux (prev. Red Hat) and Samba for a long time, I've never jumped into Samba 2 or 3's newer features (I've been living in the v1 feature set). I'm sick of multiple user sets, one set on each box, and matching passwords. My test box now is configured this way, Samba ver 1 features only.
I followed the excellent how-to here (why don't the distrib make it this clear!):
I had success up until the PAM portions. Winbind sees my Windows accounts (my test environment here at home is a Win 2k server), but I can't log into them. In Yast I don't see them (maybe I never will).
I'm not sure of the origional posters final needs, but I would assume he'll have to do simular.
My interests are the following. And before I go towards actually implimenting it, I'm a bit unclear how it will work, or if it can be done.
1. I'm not interested necessarily in having my Linux box "log into" the Windows domain. I'm happy with local accounts. To get what I need to work, this may be part of how it is however.
2. I do however want Windows users (groups) to be able to access shares I create on the Linux box. In terms of administrating, I want to be able to assign rights to the shares, and permissions as Windows groups so I'm not playing the multiple matched account games anymore. This is Windbind's purpose as I understand it.
3. I have no need to AD/LDAP data unless its necessary for the requirements above. The intranet server will not be using AD data, such as printer lists, etc.
My questions at this point are:
Are my requirements feasible at the present state of Samba/AD integration?
Are there any weak points, say password changes being a problem, etc?
Once I have my "links" between Win + Samba working, how do you create shares and apply permissions to Windows groups? (I've found no details on how this works).