replacing active directory when using samba and winbind
My current configuration uses samba and winbind on a linux server that authenticates users from a windows active directory server.
samba config summary workgroup = CORPNET realm = corpnet.maydomain.com netbios name = FS01 encrypt passwords = yes security = ads auth methods = winbind wins server = 192.168.1.2 winbind uid = 10000-20000 winbind gid = 10000-20000 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 #idmap uid = 10000-20000 #idmap gid = 10000-20000 username map = /etc/samba/users.map template shell = /bin/bash template homedir = /home/%D/%U winbind enum users = yes winbind enum groups = yes winbind cache time = 10 winbind use default domain = yes I also have kerberos running. The linux server mainly is a file server for remote windows users. It also have local account for users under /home/CORPNET/username. I also servers as a vpn server for windows built in vpn client. The machine also has DNS service running. It like to detach it from the active directory service, which runs on the windows server (separate box) However, I do not want to recreate all user accounts, especially since the filse on the samba share (i.e. the file server) has access right set to specific users. In short, I need to run a subset of active directory, enough to keep authentication for the file server, vpn, and local user accounts. I understand I could use ldap, winbind, or winbind + ldap, but cannot find a good howto. Also unclear is how can I copy over the user accounts info, or easily recreate their settings? I understand I need to maintain the |
All times are GMT -5. The time now is 02:31 AM. |