Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE
User Name
SUSE / openSUSE This Forum is for the discussion of Suse Linux.


  Search this Thread
Old 08-26-2005, 05:53 PM   #1
Registered: Feb 2004
Posts: 77

Rep: Reputation: 15
Samba Winbind and 2003 domain

Hello! Finally!! After some time messing with samba, winbind and kerberos to login to a windoze 2003 domain, has come to a joyful end!! For those of you trying the same thing, here is what i did to login, from a workstation running NLD9 SP2, to a 2003 server SP1:

1.config smb.conf (see sample)
2.shut down nscd
3.start samba
4.config nsswitch.conf (see sample)
5.set password for wbinfo (wbinfo --set-auth-user=root%'password')
6.validate wbinfo (wbinfo -u)
7.getent passwd
8.go into yast->network services->samba client browse for the domain. Select domain. Select "enable linux smb authentication"
10.login to domain

SMB.CONF sample:
workgroup = YOURDOMAIN
security = domain
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = Yes
use sendfile = Yes
printer admin = @ntadmin, root, administrator
map to guest = Bad User
winbind separator = +
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
encrypt passwords = yes
comment = Home Directories
valid users = %S
browseable = No
read only = No
inherit acls = Yes
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775

passwd: files winbind compat
group: files winbind compat

hosts: files dns winbind
networks: files dns

services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files

bootparams: files
automount: files nis
aliases: files

A few notes: When i selected my domain, i noticed an "E" was appended to the end of the domain name (ie. domaine) but people can login.
I am NOT using kerberos client, as other sites, places and papers have suggested.
I am NOT running LDAP client, only running samba client and winbind.
I did NOT have to disable any domain "digital signing" polices.

I hope this helps someone!!


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Winbind will not authenticate new 2003 domain users kaiser.jd Linux - Networking 2 04-09-2006 08:48 PM
Samba 3, Winbind (getent) not returning Domain USers delphiq Linux - Software 1 04-16-2004 05:18 AM
Slackware + SAMBA + WinBind + NT Domain = 3 day headache enkrypter Slackware 4 04-15-2004 10:23 PM
Samba + Winbind + Domain Users group wheeliemonster Linux - Networking 0 01-27-2004 09:56 AM
SAMBA access based on NT Domain groups [using winbind] tisource Linux - Networking 1 11-24-2003 12:34 AM > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE

All times are GMT -5. The time now is 02:20 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration