Follow the Link
http://blog.wazollc.com/Lists/Posts/Post.aspx?ID=2

Or

First, make sure kerberos is installed:
# rpm -qa | grep krb
this should return at least 3 packages: krb5-devel, krb5-libs and 
krb5-workstation

Next, make sure the ldap development libraries are installed:
# rpm -qa | grep ldap-devel

If either of these returns nothing, you'll need to install them - which you can 
do from the Redhat CD.

make sure there's an entry for your active directory DC in your /etc/hosts file:
1.2.3.4 addc.example.com addc


Next, edit your /etc/krb5.conf to match your site. Everything should be fairly 
self-explanatory - and everything is case sensitive. Do not comment this file.

Once you've gotten to this point, you can try:
# /usr/kerberos/bin/kinit [email protected]
replacing *user* with a real user and DOMAIN.COM with a real domain (which must 
be UPPERCASE). If things are working, you'll be prompted for a password. If you 
enter the correct password, you'll come back to a bash shell, if not, you 
should be presented with:
"kinit(v5): Preauthentication failed while getting initial credentials"
or some such.

Note: If the clock time on the Linux machine is more than 5 minutes off from 
the time on the windows machine no ticket information will work. There are 
three ways to deal with this:
1. Have the Linux server act as a network time server, with the windows machine 
as a client
2. Have the windows machine act as a time server for the linux client
3. Make both systems pull the time from the same 3rd server ( some are listed 
here - http://ntp.isc.org/bin/view/Servers/NTPPoolServers )



Next, uninstall samba if it's installed:
# rpm -e samba

get the latest version of samba:
$ wget "http://us1.samba.org/samba/ftp/samba-latest.tar.gz";

expand and install samba:

$ tar -zxvf samba*.tar.gz

$ cd samba-3.0.13

$ ./configure --prefix=/usr/local/samba --with-ldap --with-ads --with-krb5 \
    --with-pam --with-winbind

# make && make install



In your smb.conf:
----8<-----
wins support = Yes
name resolve order = wins lmhosts hosts bcast
wins server = wins_server_ip_address

netbios name = LINUX_SERVER_NAME
realm = DOMAIN.COM
ads server = 123.123.123.123
security = ADS
encrypt passwords = yes
----8<-----

start samba:
# /etc/rc.d/init.d/smb start

To add the linux computer to the AD, you need to log into the DC and add it as 
a user with such privileges, so (from the Linux system):
# /usr/local/samba/bin/net ads join -U Administrator
it should prompt you for Administrator's password. Note that Administrator 
should be a user with the right to add a computer to the AD.

you should see something like:
Joined 'LINUX_MACHINE_NAME' to realm 'DOMAIN.COM'

To verify this worked, go to the windows DC and open Active Directory->Users 
and Computers and look for your linux machine to be listed there.

That's all you absolutely need to connect to the AD. If you want to map users 
to the AD (which is probably why you're doing this), open /etc/nsswitch.conf 
and change this:
passwd: files
shadow: files
group: files

to this:
passwd: compat winbind
shadow: compat
group: compat winbind

start the winbind daemon:
# winbindd

make sure it's running:
# ps -ae | grep winbindd

if nothing gets returned, you probably didn't configure samba with kerberos and 
ldap support. If it shows winbindd running, you're all set. To make sure 
everything starts on reboot:
open /etc/rc.d/init.d/smb and /etc/rc.d/init.d/winbindd and make sure the line:
# chkconfig: 345 NN NN
exists (NN will be different numbers pertaining to priority), it should be on 
line 3 of both files. If these lines don't exist, add them. If they read:
# chkconfig: - NN NN
change the - to 345

save and close those files and run chkconfig:
# chkconfig smb reset
# chkconfig winbindd reset

you can check the runlevels they will start at with
# chkconfig smb --list
# chkconfig winbindd --list 


B.Sadhiq


--- In [email protected], surendra <suren...@...> wrote:
>
> Hi Friends,
>  
> How add linux ESX Vmware server 3.5 into windows 2K3 domain ? 
>  
> Pls help on priority....
> 
> 
> Regds, 
> Surendra
> +919324410132
>  
> 
> 
>       
> 
> [Non-text portions of this message have been removed]
>
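
Added example, not part of either message above: a small POSIX shell check for the settings the reply depends on (clock skew within 5 minutes, uppercase realm in smb.conf, winbind in nsswitch.conf, and the `chkconfig: 345` header). The function names are hypothetical, and the caller supplies the file paths and the DC's time in epoch seconds.

```shell
#!/bin/sh
# Added example: checks for the settings described in the message above.
# Function names are hypothetical; pass the paths of your own files.

# Kerberos stops working when the clocks differ by more than 5 minutes.
# Args: local time and DC time, both in epoch seconds.
skew_ok() {
    diff=$(( $1 - $2 ))
    if [ "$diff" -lt 0 ]; then diff=$(( 0 - diff )); fi
    [ "$diff" -le 300 ]
}

# The realm in smb.conf must be present and UPPERCASE.
realm_ok() {
    realm=$(sed -n 's/^[[:space:]]*realm[[:space:]]*=[[:space:]]*//p' "$1" | head -n 1)
    [ -n "$realm" ] || return 1
    [ "$realm" = "$(printf '%s' "$realm" | tr '[:lower:]' '[:upper:]')" ]
}

# passwd and group in nsswitch.conf must both list winbind.
nsswitch_ok() {
    for db in passwd group; do
        grep -Eq "^${db}:.*[[:space:]]winbind([[:space:]]|\$)" "$1" || return 1
    done
}

# The init script needs "# chkconfig: 345 NN NN" (not "- NN NN").
chkconfig_ok() {
    grep -Eq '^#[[:space:]]*chkconfig:[[:space:]]*345[[:space:]]+[0-9]+[[:space:]]+[0-9]+' "$1"
}

# Run the three file checks; print each failure; return the failure count.
# Args: smb.conf, nsswitch.conf, init script.
report() {
    fails=0
    realm_ok "$1"     || { echo "FAIL: realm in $1 missing or not uppercase"; fails=$((fails + 1)); }
    nsswitch_ok "$2"  || { echo "FAIL: winbind missing from passwd/group in $2"; fails=$((fails + 1)); }
    chkconfig_ok "$3" || { echo "FAIL: no 'chkconfig: 345 NN NN' line in $3"; fails=$((fails + 1)); }
    if [ "$fails" -eq 0 ]; then echo "all checks passed"; fi
    return "$fails"
}
```

Call `report` with your smb.conf, /etc/nsswitch.conf and one of the init scripts, and `skew_ok "$(date +%s)" <DC epoch seconds>` before trying kinit.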

