Hi, folks ! Perhaps somebody can help me with a litle isuue. I?ve got a PDC with Ubuntu+Samba 3.5 +LDAP working fine in my network. But now I?m trying to implement a fileserver that autenticate against my domain server. If someone have any idea about how to do it and can give me a link or some clue about it, I really will apreciate it! Thank you very much for your time.
I have a file server that I authenticate against LDAP/Samba. The
smb.conf looks something like this...(which of course does not include
the shares section of the config...) This configuration assumes using
nss_ldap (for getting user accounts) and POSIX ACL's for permissions
using getfacl and setfacl.
[global]
log file = /var/log/samba/%m.log
passdb backend = ldapsam:ldap://<ip address>
ldap suffix = <ldap suffix>
ldap machine suffix = ou=Machine
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap idmap suffix = ou=IdMap
ldap admin dn = <ldap dn to connect as>
show add printer wizard = No
dns proxy = No
cups options = raw
server string = File Server
password server = SERVER1 SERVER2
domain logons = no
domain master = no
workgroup = CORPDOM
printcap name = cups
security = DOMAIN
preferred master = No
max log size = 50
disable spoolss = Yes
On 08/18/2010 09:37 PM, Hernan Caffera wrote:> Hi, folks !
> Perhaps somebody can help me with a litle isuue.
> I?ve got a PDC with Ubuntu+Samba 3.5 +LDAP working fine in my network.
> But now I?m trying to implement a fileserver that autenticate against my
domain
> server.
> If someone have any idea about how to do it and can give me a link or some
clue
> about it, I really will apreciate it!
> Thank you very much for your time.
>
>
>
--
Christopher Springer
IS/IT Systems Administrator
BRC Rubber& Plastics, Inc
260-693-2171 x389
cspringer at brcrp.com
On 08/18/2010 09:37 PM, Hernan Caffera wrote:> Hi, folks ! > Perhaps somebody can help me with a litle isuue. > I?ve got a PDC with Ubuntu+Samba 3.5 +LDAP working fine in my network. > But now I?m trying to implement a fileserver that autenticate against my domain > server. > If someone have any idea about how to do it and can give me a link or some clue > about it, I really will apreciate it! > Thank you very much for your time. > > >Is the new server also a samba server? You should be able to configure it as a workgroup server or domain BDC. My experience is that if already have an LDAP backend, and if you are already using LDAP for unix level account management, that the BDC is the better approach since it helps keep all your Windows and Unix id's consistent on both machines.