Hi everyone,
I want to convert some 50 new machines that an organization is getting into Fedora Linux workstations. This is the current setup: The organization currently has one Primary Windows 2000 ADS and 2 numbers of Windows 2000 servers acting as Backup domain servers. There are currently some 50 workstations already in the network and these are all Windows 2000 professional machines. There are HP laser network printers in the network. Now the organization wants to add about 50 more workstations in the network. I am trying to convince them to use Fedora Linux on these machines instead of Windows 2000 professionnal. My ultimate goal is to convert more machines to Linux. From these Fedora machines, users should be able to login to the Windows servers using their Windows username and passwords. They will be using a lot of files from the Windows 2000 servers which currently also act as the file servers. They are currently reluctant on converting the Windows servers and converting to Linux as some critical applications that they use are available only on windows. In addition to this they would need to print to the Network printers in the network. I googled and found a LOT of information on modifying the SAMBA and modifying the krb5 for the above purpose. I am using a couple of machines to do a test setup. I have installed FC1 on these machines and have configured SAMBA on both these machines. Some of the settings done are as follows: SAMBA smb.conf file is at the very bottom of this email KRB5 krb5.conf file is also at the bottom of the email nsswitch.conf file was modified also at the bottom of this email The authentication that I am using is SMB and KRB5 My FC1 machines are registered into the ADS using "net ads join -U user1". This went well and showed me as joined to the domain. I have set up test users "user1" and "user2" in both the windows domain as well as on the FC1 machines. The passwords of the above users on the local FC1 machines and the Windows 2000 ADS machines are differrent. (The reason I have kept these differrent is to test that the login using the Windows 2000 username and password works.) The problem that I face is this: 1. I cannot log in at the FC1 GUI login prompt (I'm using gnome) using the windows username (user1 or user2) and password. I can only login using my FC1 local username and password. This is the first thing that I should be able to do. I should be able to login as any user (even if the user is not added in the local FC1 machine) 2. After logging into gnome as the local FC1 user, when I browse the network and click on any machine on the network it asks me for a username and password again for that machine. After entering the correct windows username and password I get access to the shared resources in the network. I want to maintain one central username and password into the Windows 2000 ADS. So if a username is added or is a password of an existing user is changed it is maintained at one location only and not in multiple locations. Can someone point out what I could be doing wrong here. At this point I'm quite zonked actually. Some sites mentinoed that all I need to do was enable kerbrose authintication on the local machine (no need to setup samba). In other places there is nothing mentioned about krb5 but a lot of settings about samba. I'd appretiate your help a lot. I'm sorry for the long email, but I just wanted to make sure I've given all the details. Thanks, PAG -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
