Hi Luiz... I think you just misunderstood the concept of Samba... You can indeed you samba to make both task... Just join your samba box to AD and be happy. 2017-04-17 13:26 GMT-03:00 Luiz Guilherme Nunes Fernandes via samba < samba at lists.samba.org>:> Well, i need join 1 server Linux in Active Directory, i need too, create > one domain in samba for shared printers with cups. > > But i need use users and groups of ad with shared in samba. This is my > idea. I use samba winbind for read user and groups, i testing with apache > and ssh, with this applications, working, but for shareding no. Does have > any idea? > > 2017-04-17 12:39 GMT-03:00 Luiz Guilherme Nunes Fernandes < > narutospinal at gmail.com>: > > > I added a linux server to the Active Directory domain, I realized that > the > > samba-winbind package uses the smb.conf file, but I also need to use the > > same linux server with shares, if I install the samba package, this > package > > use the smb.conf file. Is there a solution? > > > > Then i have problem with 2 services. > > > > Example > > systemctl services: > > > > smb.service > > winbind.service > > > > My system is Centos 7. > > > > -- > > <<<<<<<<<<<<<<<<<<<----------------------------------------- > > -------------------------->>>>>>>>>>>>>>>>>>> > > > > < Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém vem ao > > Pai, senão por mim > > > (João 14:6) > > > > Att. > > ♪ ♫ Luiz Guilherme Nunes > > Fernandes ♫ ♪ > > > > <<<<<<<<<<<<<<<<<<<----------------------------------------- > > -------------------------->>>>>>>>>>>>>>>>>>> > > > > > > -- > <<<<<<<<<<<<<<<<<<<----------------------------------------- > -------------------------->>>>>>>>>>>>>>>>>>> > > < Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém vem ao > Pai, senão por mim > > (João 14:6) > > Att. > ♪ ♫ Luiz Guilherme Nunes > Fernandes ♫ ♪ > > <<<<<<<<<<<<<<<<<<<----------------------------------------- > -------------------------->>>>>>>>>>>>>>>>>>> > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- Obrigado Cordialmente Gilberto Ferreira Consultor TI Linux | IaaS Proxmox, CloudStack, KVM | Zentyal Server | Zimbra Mail Server (47) 3025-5907 (47) 99676-7530 Skype: konnectati www.konnectati.com.br
This problem, in the computer park there is a domain controller microsoft
without shared printers, I need to use another server with samba shares +
cups, but with authentication in the microsoft active directory.
I try parameters securty = ads (join machine in domain) and user ( cant
read users with nslcd and nsswitch , but only work with ssh and apache.
Topology
1 server microsoft windows ( Have user and groups tree and shared paste) (
This server ok, work with pdc, and shared paste )
1 Linux with samba and need only shared printers with authentication in
previous server . ( No work )
Rowland Penny
What I basically want to do is use the users and groups from the active
directory in my new samba with shared printers. What I can not do this
authentication.
This question is, i can use winbind for new shared printers? i join the
machine in domain, and cups work with anonymous. But any idea?
# My mini tutorial
#########################
(First test)
#########################
realm join --client-software=winbind -U login NONAME.COM.BR
realm list
authconfig --enablewinbindusedefaultdomain --update
wbinfo -t
wbinfo -g
wbinfo -u
Work (join in domain, and list groups and users)
i can use for authentication ssh and apache (work)
### My problem
Acually File with winbind
workgroup = NONAME
realm = NONAME.COM.BR
security = ads
idmap config * : range = 16777216-33554431
template homedir = /home/%U@%D
template shell = /bin/bash
kerberos method = secrets only
winbind use default domain = true
winbind offline logon = true
log file = /var/log/samba/log.%m
log level = 3
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
winbind refresh tickets = yes
winbind enum groups = no
winbind enum users = no
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
valid users = abc, bcd, dce, @grups_printers
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root
create mask = 0664
directory mask = 0775
#########################
(Second test)
### My problem
#########################
yum install -y nss-pam-ldapd nscd
ldapsearch ( work, i can search and groups and users too)
nslcd.conf work too
i can use for authentication ssh and apache (work)
### My problem
Acually File with samba
[global]
workgroup = NOMEDOMINIO
netbios name = MADAGASCAR
server string = Servidor de Arquivos
security = user
encrypt passwords = true
enable privileges = yes
passdb backend = tdbsam
printing = cups
load printers = yes
enable privileges = yes
[homes]
comment = Home Directories
browseable = no
writable = yes
[print$]
path = /var/samba/printers
read only = yes
write list = printer
inherit permissions = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = yes
guest ok = yes
writable = no
printable = yes
valid users = abc, bcd, dce, @grups_printers
2017-04-17 13:40 GMT-03:00 Gilberto Nunes <gilberto.nunes32 at gmail.com>:
> Hi Luiz...
>
> I think you just misunderstood the concept of Samba...
> You can indeed you samba to make both task... Just join your samba box to
> AD and be happy.
>
> 2017-04-17 13:26 GMT-03:00 Luiz Guilherme Nunes Fernandes via samba <
> samba at lists.samba.org>:
>
>> Well, i need join 1 server Linux in Active Directory, i need too,
create
>> one domain in samba for shared printers with cups.
>>
>> But i need use users and groups of ad with shared in samba. This is my
>> idea. I use samba winbind for read user and groups, i testing with
apache
>> and ssh, with this applications, working, but for shareding no. Does
have
>> any idea?
>>
>> 2017-04-17 12:39 GMT-03:00 Luiz Guilherme Nunes Fernandes <
>> narutospinal at gmail.com>:
>>
>> > I added a linux server to the Active Directory domain, I realized
that
>> the
>> > samba-winbind package uses the smb.conf file, but I also need to
use the
>> > same linux server with shares, if I install the samba package,
this
>> package
>> > use the smb.conf file. Is there a solution?
>> >
>> > Then i have problem with 2 services.
>> >
>> > Example
>> > systemctl services:
>> >
>> > smb.service
>> > winbind.service
>> >
>> > My system is Centos 7.
>> >
>> > --
>> >
<<<<<<<<<<<<<<<<<<<-----------------------------------------
>> >
-------------------------->>>>>>>>>>>>>>>>>>>
>> >
>> > < Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida;
ninguém vem
>> ao
>> > Pai, senão por mim >
>> > (João
14:6)
>> >
>> >
Att.
>> > ♪ ♫ Luiz Guilherme Nunes
>> > Fernandes ♫ ♪
>> >
>> >
<<<<<<<<<<<<<<<<<<<-----------------------------------------
>> >
-------------------------->>>>>>>>>>>>>>>>>>>
>> >
>>
>>
>>
>> --
>>
<<<<<<<<<<<<<<<<<<<-----------------------------------------
>>
-------------------------->>>>>>>>>>>>>>>>>>>
>>
>> < Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém
vem ao
>> Pai, senão por mim >
>> (João
14:6)
>>
>>
Att.
>> ♪ ♫ Luiz Guilherme Nunes
>> Fernandes ♫ ♪
>>
>>
<<<<<<<<<<<<<<<<<<<-----------------------------------------
>>
-------------------------->>>>>>>>>>>>>>>>>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>
>
> --
> Obrigado
>
> Cordialmente
>
>
> Gilberto Ferreira
>
> Consultor TI Linux | IaaS Proxmox, CloudStack, KVM | Zentyal Server |
> Zimbra Mail Server
>
> (47) 3025-5907
> (47) 99676-7530
>
> Skype: konnectati
>
>
> www.konnectati.com.br
>
>
>
--
<<<<<<<<<<<<<<<<<<<------------------------------------------------------------------->>>>>>>>>>>>>>>>>>>
< Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém vem ao
Pai, senão por mim >
(João 14:6)
Att.
♪ ♫ Luiz Guilherme Nunes
Fernandes ♫ ♪
<<<<<<<<<<<<<<<<<<<------------------------------------------------------------------->>>>>>>>>>>>>>>>>>>
On Mon, 17 Apr 2017 14:28:12 -0300 Luiz Guilherme Nunes Fernandes <narutospinal at gmail.com> wrote:> This problem, in the computer park there is a domain controller > microsoft without shared printers, I need to use another server with > samba shares + cups, but with authentication in the microsoft active > directory. I try parameters securty = ads (join machine in domain) > and user ( cant read users with nslcd and nsswitch , but only work > with ssh and apache. > > Topology > > 1 server microsoft windows ( Have user and groups tree and shared > paste) ( This server ok, work with pdc, and shared paste ) > 1 Linux with samba and need only shared printers with authentication > in previous server . ( No work ) > > > Rowland Penny > What I basically want to do is use the users and groups from the > active directory in my new samba with shared printers. What I can not > do this authentication. > > This question is, i can use winbind for new shared printers? i join > the machine in domain, and cups work with anonymous. But any idea? > > > # My mini tutorial > > ######################### > (First test) > ######################### > > realm join --client-software=winbind -U login NONAME.COM.BR > realm list > authconfig --enablewinbindusedefaultdomain --update > > wbinfo -t > wbinfo -g > wbinfo -u > > Work (join in domain, and list groups and users) > > i can use for authentication ssh and apache (work) > > ### My problem > Acually File with winbind > > workgroup = NONAME > realm = NONAME.COM.BR > security = ads > idmap config * : range = 16777216-33554431 > template homedir = /home/%U@%D > template shell = /bin/bash > kerberos method = secrets only > winbind use default domain = true > winbind offline logon = true > log file = /var/log/samba/log.%m > log level = 3 > > > passdb backend = tdbsam > printing = cups > printcap name = cups > load printers = yes > cups options = raw > winbind refresh tickets = yes > winbind enum groups = no > winbind enum users = no > > [homes] > comment = Home Directories > valid users = %S, %D%w%S > browseable = No > read only = No > inherit acls = Yes > > [printers] > comment = All Printers > path = /var/tmp > printable = Yes > create mask = 0600 > browseable = No > valid users = abc, bcd, dce, @grups_printers > > [print$] > comment = Printer Drivers > path = /var/lib/samba/drivers > write list = root > create mask = 0664 > directory mask = 0775 > > ######################### > (Second test) > > ### My problem > ######################### > > yum install -y nss-pam-ldapd nscd > > ldapsearch ( work, i can search and groups and users too) > > nslcd.conf work too > > i can use for authentication ssh and apache (work) > > ### My problem > Acually File with samba > [global] > > workgroup = NOMEDOMINIO > netbios name = MADAGASCAR > server string = Servidor de Arquivos > > security = user > encrypt passwords = true > enable privileges = yes > passdb backend = tdbsam > > printing = cups > load printers = yes > > enable privileges = yes > > [homes] > comment = Home Directories > browseable = no > writable = yes > > [print$] > > path = /var/samba/printers > read only = yes > write list = printer > inherit permissions = yes > > [printers] > comment = All Printers > path = /var/spool/samba > browseable = yes > guest ok = yes > writable = no > printable = yes > valid users = abc, bcd, dce, @grups_printers > > >Are you using sssd as well ? If so, you should decide which to use, sssd or winbind, you cannot use both. If you are not using sssd, you haven't set up the smb.conf correctly, see the pages I pointed you to. If you are using sssd and want to continue using it, you should remove winbind and then contact the sssd-users mailing list, this is not a Samba problem. Rowland