LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE
User Name
Password
SUSE / openSUSE This Forum is for the discussion of Suse Linux.

Notices


Reply
  Search this Thread
Old 08-26-2005, 05:53 PM   #1
carnold
Member
 
Registered: Feb 2004
Posts: 77

Rep: Reputation: 15
Samba Winbind and 2003 domain


Hello! Finally!! After some time messing with samba, winbind and kerberos to login to a windoze 2003 domain, has come to a joyful end!! For those of you trying the same thing, here is what i did to login, from a workstation running NLD9 SP2, to a 2003 server SP1:

1.config smb.conf (see sample)
2.shut down nscd
3.start samba
4.config nsswitch.conf (see sample)
5.set password for wbinfo (wbinfo --set-auth-user=root%'password')
6.validate wbinfo (wbinfo -u)
7.getent passwd
8.go into yast->network services->samba client
9.click browse for the domain. Select domain. Select "enable linux smb authentication"
10.login to domain

SMB.CONF sample:
[global]
workgroup = YOURDOMAIN
realm = YOURDOMAIN.HERE
netbios name = YOURCOMPUTERNAME
security = domain
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = Yes
use sendfile = Yes
printer admin = @ntadmin, root, administrator
map to guest = Bad User
winbind separator = +
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
encrypt passwords = yes
[homes]
comment = Home Directories
valid users = %S
browseable = No
read only = No
inherit acls = Yes
[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775

NSSWITCH.CONF sample:
passwd: files winbind compat
group: files winbind compat

hosts: files dns winbind
networks: files dns

services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files

bootparams: files
automount: files nis
aliases: files

A few notes: When i selected my domain, i noticed an "E" was appended to the end of the domain name (ie. domaine) but people can login.
I am NOT using kerberos client, as other sites, places and papers have suggested.
I am NOT running LDAP client, only running samba client and winbind.
I did NOT have to disable any domain "digital signing" polices.

I hope this helps someone!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Winbind will not authenticate new 2003 domain users kaiser.jd Linux - Networking 2 04-09-2006 08:48 PM
Samba 3, Winbind (getent) not returning Domain USers delphiq Linux - Software 1 04-16-2004 05:18 AM
Slackware + SAMBA + WinBind + NT Domain = 3 day headache enkrypter Slackware 4 04-15-2004 10:23 PM
Samba + Winbind + Domain Users group wheeliemonster Linux - Networking 0 01-27-2004 09:56 AM
SAMBA access based on NT Domain groups [using winbind] tisource Linux - Networking 1 11-24-2003 12:34 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE

All times are GMT -5. The time now is 08:06 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration