Any and all help greatly appreciated. It shouldn't be this hard to make
Windows and Linux work together. sigh!
markh
Mark,
This is how I do it for a WIN2K3 Active Directory domain. I only have
rights to add computers to our domain and this has worked great for me.
Took me a few days to get it right. It's not Fedora, maybe it will
convert you to Debian! I have this documented internally. I should post
it somewhere public.
Samba Install on Debian Sarge (now Stable!) from Net Install
http://www.debian.org/CD/netinst/
Install Debian. Don't add any packages during install:
Run command:
apt-get install sudo libkrb5-dev krb5-user libldap2-dev acl libacl1-dev
quota quotatool rdate
I use sudo that's why it is included. I guess you can do it all as root.
You don't need the quota packages if your not using quotas.
I use rdate to keep my clocks in sync.
Run the commands:
wget http://us2.samba.org/samba/ftp/samba-latest.tar.gz
tar xvzf samba-latest.tar.gz
cd samba-3.0.14a/source
./configure --with-winbind --with-ads --with-quotas --with-acl-support
--with-mandir=/usr/share/man
make && sudo make install
cp samba-3.0.14a/source/nsswitch/libnss_winbind.so /lib
ln -s /lib/libnss_winbind.so /lib/libnss_winbind.so.2
touch /etc/ld.so.conf
sbin/ldconfig -v | grep winbind
My /usr/local/samba/lib/smb.conf
[global]
workgroup = PWR
realm = PWR.INT.XYZ.COM
security = ADS
password server = pwroakdc1.pwr.int.xyz.com
log file = /usr/local/samba/var/%m.log
preferred master = No
local master = No
domain master = No
wins server = 192.168.1.22
idmap uid = 10000-40000
idmap gid = 10000-40000
# winbind use default domain = Yes
winbind enum users = No
winbind enum groups = No
winbind nested groups = Yes
socket options = TCP_NODELAY
socket options = SO_RCVBUF=8192
[users]
path = /home/users
read only = No
admin users = "PWR\mmaki"
I don't use winbind enum users because we have over 20K users in our domain.
ONLY changes to my /etc/nsswitch.conf
passwd: files compat winbind
group: files compat winbind
shadow: compat
My COMPLETE /etc/krb5.conf
[libdefaults]
default_realm = PWR.INT.xyz.com
[realms]
PWR.INT.xyz.com = {
kdc = pwroakdc1.pwr.int.xyz.com
kdc = inppwrodc.pwr.int.xyz.com
}
[domain_realm]
.pwr.int.xyz.com = PWR.INT.XYZ.COM
My /etc/fstab for using quotas:
/dev/sda1 /home/users ext3 defaults,acl,usrquota,grpquota 0 2
My hosts (/etc/hosts)
add
192.168.1.12 sambaserver.pwr.int.xyz.com sambaserver
and remove sambaserver from localhost
My /etc/init.d/samba
# Not the best but it works
#!/bin/sh
#
# Start the Samba daemons (nmbd and smbd).
#
/usr/local/samba/sbin/nmbd -D
/usr/local/samba/sbin/smbd -D
/usr/local/samba/sbin/winbindd -B
Run the commands:
ln -s /etc/init.d/samba /etc/rc2.d/S80samba
chmod go+x /etc/init.d/samba
Run command:
/usr/local/samba/bin/net ads join -U [EMAIL PROTECTED]
If sucsessfully joined you should be on your way!
Good Luck,
Mike
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
