It's been a confusing few months configuring samba for our needs. It would
seem our goal with samba is not exactly what the majority is looking for
currently. So here goes :)
I work at a university where microsoft's active directory has become the
dominate user account storage solution. I would like to setup a linux shared
server that would offer shell access to those who wish to program and learn.
First off. Account authentication.
I did this with Winbind. Once I gave it enough of a userid and group range it
started to work. Actually I had no Idea the windows admins had 40,000 groups
and 22,000 users.
Issues :
The Windows admins don't like that my unix box has joined the Active
Directory
as a Domain Controller! What is the difference to joining a domain as a
workstation or a domain controller. Why does samba need to be a domain
controller? Is it replicating the AD? can it? How can I make the windows
admins happy and make sure my Samba machine plays nice?
It seems the local domain kicks my samba machine out and I have to re-join
every week or so. Is this a feature?
Secondly Home Drive Mapping from a Active Directory Share.
I think this is the most confusing point of all this madness.
Does anyone have this working without having the domain admins/root password
in some text file/script??
I've tried pam_mount, smbpassw (smbfs extended), pam_smbd. I'm lost
folks.
How do you get the server/map information from the Active Directory. Can
winbind make a RPC call and get the info to smbmount?? Do I need to use ldap
lookups in conjunction with winbind to get more information outa the AD??
Lots of microsoft servers share a directory of shares.. Tree sharing or
whatnot, If the user home directories are shared under Volumes$ it seems
impossible to map a directory under that share. In anyevent I can make more
shares for users without the $ but what would I use to mount them on the
client side at login?
I would very much like to at login mount the users home directory as specified
in the Active Directory and not from a template entry in smb.conf. Then put
them into their mounted smb share as their local home. What about the
default shell? We would like to be able to switch the /bin/false to /bin/bash
or whatnot to allow access to the unix server. It seems this field isn't
used
by winbind, is using the shell template in smb.conf the only way??? Does
anyone currently have such a solution implemented?
I plan on writing a FAQ for this type of samba solution so any feedback would
be most grateful!
Thanks
Bob