OK. It looks like you are telling Samba to use Kerberos by putting it in
a realm. I believe the trick should be to make your Samba server look
like an NT4 server (one that doesn't understand ADS). Then is should be
able to join using the pre-ADS protocol.
Jason Gerfen wrote:
I have. You see the problem I am having is dealing with some users
using kerberos for authentication once I have joined the machine to
the domain as server = ads.
I only need to authentication users against active directory for this
particular machine so I set the server = domain and everytime I
attempt to join using net rpc join I recieve errors that the domain is
not valid.
[EMAIL PROTECTED]:~> testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[odin]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
# Global parameters
[global]
workgroup = SCL
realm = SCL.DOMAIN
server string = testmachine
security = DOMAIN
update encrypted = Yes
password level = 20
preferred master = No
domain master = No
idmap uid = 500-500000
idmap gid = 500-500000
winbind separator = /
winbind cache time = 5
winbind use default domain = Yes
winbind nested groups = Yes
[odin]
comment = ODIN
path = /odin
read only = No
inherit acls = Yes
Gary Dale wrote:
Can you be more specific as to what you are looking for?
Non-Windows machines can use Samba to join NT or ADS domains without
using Kerberos. This is quite normal. Kerberos is an optional feature
that takes extra configuration.
Once in a domain, you can use the Windows groups to control access to
shares.
Have you checked out the Samba Howtos and Samba by Example on the
samba.org site?
Jason Gerfen wrote:
I want a samba machine to be a member of the domain and
authentication the users, but I do not want to use kerberos as
authentication and I also want to limit or authentication users from
a specific group.
Examples of this?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba