Guillermo Gutierrez
2006-Sep-28 16:17 UTC
FW: [Samba] Cant correctly join windows 2K3 domain with Gentoo
Whoops, keep forgettingto hit "Respond to all". -----Original Message----- From: Guillermo Gutierrez Sent: Wednesday, September 27, 2006 1:14 PM To: 'Aaron Kincer' Subject: RE: [Samba] Cant correctly join windows 2K3 domain with Gentoo Please help me. I wound up not being able to log back in to my samba server. I realize thatI can boot up to the live cd and undo my changes. But I really could use some sama expertise in realizing my goal of connecting it to an Active Directory domain AND being able to utilize single-sign on fr ssh and console. -----Original Message----- From: Aaron Kincer [mailto:kincera@gmail.com] Sent: Wednesday, September 27, 2006 10:32 AM To: Guillermo Gutierrez Subject: Re: [Samba] Cant correctly join windows 2K3 domain with Gentoo You are asking the wrong person--I don't know. Send it to the list. Guillermo Gutierrez wrote:> Yes, I want a single-signon so that I can log onto the samba server > with using an active directory domain user. But if the instructions > are using ldap to join the active directory domain, should I needwinbind at all?> > -----Original Message----- > From: Aaron Kincer [mailto:kincera@gmail.com] > Sent: Wednesday, September 27, 2006 8:17 AM > To: Guillermo Gutierrez > Subject: Re: [Samba] Cant correctly join windows 2K3 domain with > Gentoo > > Gotcha. I'm not immediately aware of why you would want to do this > unless you are providing shell-based services and want a single > sign-on for that in addition to Active Directory accounts. I've never > tried that, so maybe someone here will want to give you more info. I > just tried logging into my samba server using a domain account and it > wasn't very cooperative. I tried using the short name (just the > username) and got an access denied. When I used the > domainname+username, an interesting thing happened. A directory under > /home/domainname/ was created for the user, but no login occurred. > > I did find this webpage that seems to claim to offer what you need: > > http://weblog.bignerdranch.com/?p=6 > > Hope that helps. > > > > Guillermo Gutierrez wrote: > >> Forgive my ambiguity, I am not able to log in to the samba server >> itself using a domain login. >> >> -----Original Message----- >> From: Aaron Kincer [mailto:kincera@gmail.com] >> Sent: Wednesday, September 27, 2006 7:43 AM >> To: Guillermo Gutierrez >> Cc: samba@lists.samba.org >> Subject: Re: [Samba] Cant correctly join windows 2K3 domain with >> Gentoo >> >> What are you trying to "log in" to? Do you mean connect to a share or>> log in to the samba server itself on a shell? >> >> Guillermo Gutierrez wrote: >> >> >>> Well...eventually I continued on to the "net ads join" command but I>>> still couldn't get any domain users or groups to show. >>> After that I started up winbind and a few minutes later I saw users >>> and groups. >>> >>> Even though I can see domain info usingthe "getent passwd" command I>>> still cannot log in as a domain user. >>> >>> -----Original Message----- >>> From: Aaron Kincer [mailto:kincera@gmail.com] >>> Sent: Wednesday, September 27, 2006 6:21 AM >>> To: Guillermo Gutierrez >>> Cc: samba@lists.samba.org >>> Subject: Re: [Samba] Cant correctly join windows 2K3 domain with >>> Gentoo >>> >>> Have you performed a net ads join command yet? >>> >>> Guillermo Gutierrez wrote: >>> >>> >>> >>>> Help me please, I am getting desparate. >>>> I have tried to the follow the following how-to for joining a >>>> Gentoo >>>> > > >>>> Linux samba server to a windows 2003 domain and cant seem to get >>>> the >>>> > > >>>> the "getent passwd" command to any domain users. >>>> >>>> Here is the document that I was following: >>>> http://gentoo-wiki.com/HOWTO_Adding_a_Samba_Server_into_an_existing >>>> _ >>>> A >>>> D >>>> _D >>>> omain >>>> >>>> Here is my smb.conf as well: >>>> >>>> # Global Configurations >>>> [global] >>>> # Netbios Identification >>>> netbios name = Solidus >>>> workgroup = marketscan >>>> realm = MARKETSCAN.COM >>>> server string = %h, Gentoo Samba Server %v >>>> >>>> # Logging Options >>>> log file = /var/log/samba/log.%m >>>> max log size = 50 >>>> log level = 5 >>>> >>>> # smb password backend >>>> # commented out to see if changing it to ldapsam works any >>>> better >>>> ; passdb backend = tdbsam >>>> passdb backend = ldapsam:ldap://10.11.3.177 >>>> >>>> # Winbind, Domain Options >>>> password server = * >>>> encrypt passwords = yes >>>> security = ads >>>> client signing = yes >>>> template homedir = /home/MARKETSCAN/%U >>>> template shell = /bin/bash >>>> winbind enum users = yes >>>> winbind enum groups = yes >>>> winbind use default domain = yes >>>> idmap uid = 10000-20000 >>>> idmap gid = 10000-20000 >>>> >>>> # Network Settings >>>> socket options = TCP_NODELAY >>>> interfaces = eth0 lo >>>> bind interfaces only = yes >>>> socket address = 10.11.3.210 >>>> >>>> # Master Browser options >>>> local master = no >>>> os level = 2 >>>> >>>> # WINS and DNS Options >>>> wins server = 10.11.3.177 >>>> dns proxy = yes >>>> >>>> # Share level configuration settings # # Public share [public] >>>> comment = Public Volume on %h >>>> path = /home/samba/public >>>> valid users = +users >>>> writeable = yes >>>> public = yes >>>> force create mode = 0766 >>>> force directory mode = 0766 >>>> guest ok = no >>>> >>>> # Home directory for valid users. >>>> [homes] >>>> comment = Home Folder for %u >>>> valid users = %S >>>> browseable = no >>>> writeable = yes >>>> force create mode = 0700 >>>> force directory mode = 0700 >>>> >>>> Please do point out any and all flaws in my config or the document >>>> that I mentioned above. >>>> >>>> Thanks, >>>> >>>> Guillermo Gutierrez >>>> Network Administrator >>>> Market Scan Information Systems, Inc >>>> (818) 575-2000 x2017 >>>> ggutierrez@marketscan.com >>>> >>>> >>>> >>>> >>>> >>> >>> >>> >> >> > > >
Possibly Parallel Threads
Wisdom of the Ancients
