Hi, folks ! Perhaps somebody can help me with a litle isuue. I?ve got a PDC with Ubuntu+Samba 3.5 +LDAP working fine in my network. But now I?m trying to implement a fileserver that autenticate against my domain server. If someone have any idea about how to do it and can give me a link or some clue about it, I really will apreciate it! Thank you very much for your time.
I have a file server that I authenticate against LDAP/Samba. The smb.conf looks something like this...(which of course does not include the shares section of the config...) This configuration assumes using nss_ldap (for getting user accounts) and POSIX ACL's for permissions using getfacl and setfacl. [global] log file = /var/log/samba/%m.log passdb backend = ldapsam:ldap://<ip address> ldap suffix = <ldap suffix> ldap machine suffix = ou=Machine ldap user suffix = ou=People ldap group suffix = ou=Group ldap idmap suffix = ou=IdMap ldap admin dn = <ldap dn to connect as> show add printer wizard = No dns proxy = No cups options = raw server string = File Server password server = SERVER1 SERVER2 domain logons = no domain master = no workgroup = CORPDOM printcap name = cups security = DOMAIN preferred master = No max log size = 50 disable spoolss = Yes On 08/18/2010 09:37 PM, Hernan Caffera wrote:> Hi, folks ! > Perhaps somebody can help me with a litle isuue. > I?ve got a PDC with Ubuntu+Samba 3.5 +LDAP working fine in my network. > But now I?m trying to implement a fileserver that autenticate against my domain > server. > If someone have any idea about how to do it and can give me a link or some clue > about it, I really will apreciate it! > Thank you very much for your time. > > >-- Christopher Springer IS/IT Systems Administrator BRC Rubber& Plastics, Inc 260-693-2171 x389 cspringer at brcrp.com
On 08/18/2010 09:37 PM, Hernan Caffera wrote:> Hi, folks ! > Perhaps somebody can help me with a litle isuue. > I?ve got a PDC with Ubuntu+Samba 3.5 +LDAP working fine in my network. > But now I?m trying to implement a fileserver that autenticate against my domain > server. > If someone have any idea about how to do it and can give me a link or some clue > about it, I really will apreciate it! > Thank you very much for your time. > > >Is the new server also a samba server? You should be able to configure it as a workgroup server or domain BDC. My experience is that if already have an LDAP backend, and if you are already using LDAP for unix level account management, that the BDC is the better approach since it helps keep all your Windows and Unix id's consistent on both machines.