Re: [Samba] Integrate Samba with Active Directory

Wed, 20 Jul 2011 10:53:33 -0700 

On 07/19/2011 4:49 PM, Bruno Martins wrote:

On Tue, 2011-07-19 at 13:11 -0500, Dale Schroeder wrote:

On 07/19/2011 10:05 AM, Bruno Martins - GALILEU LISBOA wrote:

Hello guys,



I am setting up a Samba server (based on CentOS 5.6) on my company which
will act as a print and file server. Also, it has dropbox installed.



I have set up everything regarding to CUPS and Samba itself, but I'm not
being able to integrate my shares with Active Directory.



All I want is that access control to Samba shares is made through Active
Directory users and their respective passwords, and not through
Unix-style users and groups. Is this possible?



Some configuration files:

/etc/nsswitch.conf - http://pastebin.com/rPgXSL6G

Bruno,

To start, change this:
         passwd: files ldap
         shadow:     files winbind
         group:      files winbind
To this:

     passwd: files winbind ldap  (Are you using ldap for anything?)
     shadow: files
     group: files winbind

kinit [email protected]
This should return nothing after entering the password.

Is the join OK? net ads testjoin

Try wbinfo -u and wbinfo -g to see if you get AD users and groups.

If using PAM, is it configured for winbind?
http://www.enterprisenetworkingplanet.com/netsysm/article.php/3502441/Join-Linux-to-Active-Directory-With-Winbind.htm

Dale


/etc/samba/smb.conf - http://pastebin.com/9uffAyjV

/etc/krb5.conf - http://pastebin.com/9zJFQR6J



Can someone please give me some lights on this?



If you need more information, just tell me. ;-)



Thanks for your cooperation.



Best regards,



Bruno Martins


Hello Dale,

Files have been corrected.

How do you make 'net ads testjoin' as a certain user?

I believe you have to do this as root.


I did this, to see if it helps you:
http://paste2.org/p/1529126

By the way, also take a look at kinit's result:
http://paste2.org/p/1529128

That looks OK.
Do you get a listing of your AD users and groups with "wbinfo -u" and "wbinfo -g"? 

As others have suggested, consider upgrading to a newer version.
For completeness, verify that the times are in sync between the samba server and the DC. 

Dale


I don't know if I'm using, but I'll take a look into that article as
well.

Thanks for your cooperation on this.

Best regards,

Bruno Martins
.


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Reply via email to