Can someone please help. I remember seeing a message within the past couple of weeks about adding a samba server to an existing NT domain. Our network guys have added the machine name to the NT domain, what else do I need to do on my side? Thanks, Daniel
On the Samba side, you will need to change your smb.conf file global section so that you have security = domain encrypt passwords = yes workgroup = <domainname of your existing NT domain> password server = * in you global section then run smbpasswd -j <NT Domain name> -r <NT Domain PDC> Hope this helps, Don You will also need to add entries into your user.map file if your NT usernames are different from your Unix user names... -----Original Message----- From: Daniel_Casey@jbhunt.com [mailto:Daniel_Casey@jbhunt.com] Sent: Friday, February 02, 2001 2:39 PM To: samba@us5.samba.org Subject: nt domain help Can someone please help. I remember seeing a message within the past couple of weeks about adding a samba server to an existing NT domain. Our network guys have added the machine name to the NT domain, what else do I need to do on my side? Thanks, Daniel
Cool, looks like it worked? # ./smbpasswd -j dom01 -r domdev00 2001/02/02 13:59:30 : change_trust_account_password: Changed password for domain DOM01. Joined domain DOM01. So what is the password? And does that mean that I have to have the same userid exist on the Sun Solaris Samba box as I do on the NT domain _if_ users need to get to the Samba shares? Would I use smbpasswd to add each user? Thanks again! Daniel
Well, I found a DOMAIN_MEMBER.txt doc in the
source tree and it does look like I have to have
a user on the Sun box for every user in the NT
domain that wants to access shares on the Sun box.
So, do I have to set passwords for the users on
the Sun box? I wouldn't think so since I'm
authenticating against an NT domain.
Daniel_Casey@jb
hunt.com To: "MCCALL,DON
(HP-USA,ex1)" <don_mccall@hp.com>
Sent by: cc: samba@us5.samba.org
samba-admin@us5 Subject: RE: nt domain help
.samba.org
02/02/2001
02:12 PM
Cool, looks like it worked?
# ./smbpasswd -j dom01 -r domdev00
2001/02/02 13:59:30 : change_trust_account_password: Changed password for
domain DOM01.
Joined domain DOM01.
So what is the password?
And does that mean that I have to have the same userid
exist on the Sun Solaris Samba box as I do on the NT
domain _if_ users need to get to the Samba shares?
Would I use smbpasswd to add each user?
Thanks again!
Daniel
Hi Daniel,
No, you don't need passwords for the unix users that are going to access
files via samba; assuming that they are not going to also get in thru telnet
or something;
should be able to set up users like:
user1:*:uid:gid:Samba user:/dev/null:/dev/null
Hope this helps,
Don
-----Original Message-----
From: Daniel_Casey@jbhunt.com [mailto:Daniel_Casey@jbhunt.com]
Sent: Friday, February 02, 2001 3:57 PM
To: Daniel_Casey@jbhunt.com
Cc: MCCALL,DON (HP-USA,ex1); samba@us5.samba.org;
samba-admin@us5.samba.org
Subject: RE: nt domain help
Well, I found a DOMAIN_MEMBER.txt doc in the
source tree and it does look like I have to have
a user on the Sun box for every user in the NT
domain that wants to access shares on the Sun box.
So, do I have to set passwords for the users on
the Sun box? I wouldn't think so since I'm
authenticating against an NT domain.
Daniel_Casey@jb
hunt.com To: "MCCALL,DON
(HP-USA,ex1)"
<don_mccall@hp.com>
Sent by: cc: samba@us5.samba.org
samba-admin@us5 Subject: RE: nt domain help
.samba.org
02/02/2001
02:12 PM
Cool, looks like it worked?
# ./smbpasswd -j dom01 -r domdev00
2001/02/02 13:59:30 : change_trust_account_password: Changed password for
domain DOM01.
Joined domain DOM01.
So what is the password?
And does that mean that I have to have the same userid
exist on the Sun Solaris Samba box as I do on the NT
domain _if_ users need to get to the Samba shares?
Would I use smbpasswd to add each user?
Thanks again!
Daniel
Hi Daniel, The password for the trust when samba joins a domain is immaterial; it is negotiated between itself and the pdc. and you won't be using smbpasswd command, as the password is being checked against the NT domain password database in domain level security. The reason you need unix users defined on your Sun Samba box with the same names as the NT users is that when those nt users access shares on the samba box, samba will use the uid/gid pair of the same name unix user to determine access rights to manipulate the unix files in those shares, and assign ownership to files created by these users. Hope this helps, Don -----Original Message----- From: Daniel_Casey@jbhunt.com [mailto:Daniel_Casey@jbhunt.com] Sent: Friday, February 02, 2001 3:13 PM To: MCCALL,DON (HP-USA,ex1) Cc: samba@us5.samba.org Subject: RE: nt domain help Cool, looks like it worked? # ./smbpasswd -j dom01 -r domdev00 2001/02/02 13:59:30 : change_trust_account_password: Changed password for domain DOM01. Joined domain DOM01. So what is the password? And does that mean that I have to have the same userid exist on the Sun Solaris Samba box as I do on the NT domain _if_ users need to get to the Samba shares? Would I use smbpasswd to add each user? Thanks again! Daniel
Hi all .... I'm finding myself with steam coming out my ears for the strain that I'm taking with Samba at the moment. I need your help bit time. Here is the situation. I have a NT 4.0 PDC sp6 and a newly installed Samba server on Linux 7.1 with all patches applied. I would like our NT users to be able to view the shares that I have set on the server, but by using thier NT user and domain names. I have read the man pages tons of times but I am still missing something to make it all snap together and some other troubles too. First thing is that I cant get the smbpasswd -j -r etc to join the samba server to the domain. I just get session failed. Funny thing is that the server is listed in the server manger on the PDC, but when trying to delete it, it says that it has already been deleted. I have tried security = server with no luck. I am a little unsure on how to setup users and which users need to go where etc .... Help is appreciated. Mark Johnston -------------- next part -------------- HTML attachment scrubbed and removed