Philipp Rusch - New Vision IT
2012-Jan-04 19:56 UTC
[Samba] Samba Cluster integration with W2K8R2 ADS permission problems
We have a setup with three nodes - SLES 11 SP1 + HAE addon. CTDB is managing SAMBA and winbind, I can see the shares on my shared storage from my windows machines. My problem is: CTDB-RA is inserting idmap backend = tdb2, this seems to be needed for a clustered setup. But how do I integrate with an ADS, then ? I want to manage my users and groups from the Windows ADS controllers and have SLES map them to the shares. I don't want to create users on the linux side. Kerberos seems to work, LDAP has problems. I did not get a single userid to write to any share I defined. I can only read from there, no modification is allowed. We want to build a clustered fileserver for CIFS shares, therefore we need a reliable way to integrate with an ADS. Any hints highly appreciated. - Philipp