Steve Hobbs
2005-Sep-12 21:58 UTC
[Samba] Accessing /home/<user> properly from Win2003 Server share
Hi, After a major fight with Samba and Winbind (and my confusion), I finally have my a RHEL v4.0 ES box successfully authenticating against the Active Directory (ads) on a Windows 2003 Server. I installed the latest version of Samba in the process (3.0.20) and SELinux started complaining so I've disabled that for now. I can now telnet, ssh, su, etc... as any of my windows users on the Linux Server. I'll supply the full /etc/smb.conf and /etc/krb5.conf and other related settings to this list once I've got more stable. (There are some of the links I used at the end of this mail.) Now my cry for help. Our company has bought a Dell Poweredge storage box running Windows 2003 Server with 2TB of disc space. This will be used for both Windows and Linux shares (Exchange, Windows Home, Windows Project, /home, /project, etc...). We want to mount both the user and a project directory from this box on to several linux boxes. It is well documented on how to set up a Linux box as a server, but how do I mount [homes] shares with the correct permissions from the Windows server? I also have a /project area, which anyone can access, but all of the files need to have correct permissions as each user creates/accesses them. Can someone please point me in the right direction here? A second question. How using my authentication method, do I customize the shell that each account uses (not just /bin/bash)? Here's my smb.conf for my setup [global] workgroup = <DomainName> realm = <RealmName> preferred master = no server string = <ServerName> with Samba (%v) on %L security = ads password server = <Win2003PasswordServerName> encrypt passwords = yes log level = 3 log file = /var/log/samba/%m max log size = 50 winbind separator = + allow trusted domains = no idmap backend = idmap_rid:<DomainName>=500-100000000 idmap uid = 500-100000000 idmap gid = 500-100000000 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes template shell = /bin/tcsh template homedir = /home/%U Thanks in Advance, Steve Hobbs Diablo Technologies PS Useful links http://www.enterprisenetworkingplanet.com/netos/article.php/3487081 http://www.enterprisenetworkingplanet.com/netos/article.php/3502441 http://justlinux.com/forum/archive/index.php/t-118512.html
Steve Hobbs
2005-Sep-13 13:13 UTC
[Samba] Accessing /home/<user> properly from Win2003 Server share
Hi all, In answer to my own (somewhat confused) question. I've done further research on this and I think I've got to use Windows Services for UNIX from Microsoft to achieve this. The network we have is now going to be: One PDC running Windows 2003 Server and providing Exchange Server to the company. One Server Dell PowerVault with 2TB HDs running Windows 2003 Server plus Microsoft Services for UNIX. One or both of these windows servers will be running NIS/NFS to provide share and authentication information for our remaining farm of Linux boxes running RHEL v4 and running Cadence and similar tools. All desktops for the staff are actually WinXP machines. Currently it looks like Samba won't get used at all, except to share drives between the Farm Linux boxes themselves. This is to take advantage of the large local drives that exist on each of the Linux machines as temporary storage. We initially tried bringing up OpenLDAP and Samba on RHEL v4, but couldn't get the passwords to sync properly. This also, I think, may have been a headache, to authenticate Exchange against. Sucks, I've been looking into samba providing the solution all along. If this Services for Unix works then it means we'll be running almost exclusively Microsoft for server uses. Please feel free to add any comments. Kind Regards, Steve Hobbs ________________________________ From: samba-bounces+shobbs=diablo-technologies.com@lists.samba.org on behalf of Steve Hobbs Sent: Mon 9/12/2005 5:58 PM To: samba@lists.samba.org Subject: [Samba] Accessing /home/<user> properly from Win2003 Server share Hi, After a major fight with Samba and Winbind (and my confusion), I finally have my a RHEL v4.0 ES box successfully authenticating against the Active Directory (ads) on a Windows 2003 Server. I installed the latest version of Samba in the process (3.0.20) and SELinux started complaining so I've disabled that for now. I can now telnet, ssh, su, etc... as any of my windows users on the Linux Server. I'll supply the full /etc/smb.conf and /etc/krb5.conf and other related settings to this list once I've got more stable. (There are some of the links I used at the end of this mail.) Now my cry for help. Our company has bought a Dell Poweredge storage box running Windows 2003 Server with 2TB of disc space. This will be used for both Windows and Linux shares (Exchange, Windows Home, Windows Project, /home, /project, etc...). We want to mount both the user and a project directory from this box on to several linux boxes. It is well documented on how to set up a Linux box as a server, but how do I mount [homes] shares with the correct permissions from the Windows server? I also have a /project area, which anyone can access, but all of the files need to have correct permissions as each user creates/accesses them. Can someone please point me in the right direction here? A second question. How using my authentication method, do I customize the shell that each account uses (not just /bin/bash)? Here's my smb.conf for my setup [global] workgroup = <DomainName> realm = <RealmName> preferred master = no server string = <ServerName> with Samba (%v) on %L security = ads password server = <Win2003PasswordServerName> encrypt passwords = yes log level = 3 log file = /var/log/samba/%m max log size = 50 winbind separator = + allow trusted domains = no idmap backend = idmap_rid:<DomainName>=500-100000000 idmap uid = 500-100000000 idmap gid = 500-100000000 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes template shell = /bin/tcsh template homedir = /home/%U Thanks in Advance, Steve Hobbs Diablo Technologies PS Useful links http://www.enterprisenetworkingplanet.com/netos/article.php/3487081 http://www.enterprisenetworkingplanet.com/netos/article.php/3502441 http://justlinux.com/forum/archive/index.php/t-118512.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba