At 12:05 PM 12/8/2006, James A. Dinkel wrote:
> -----Original Message-----
> From: Simon Renshaw
> Sent: Friday, December 08, 2006 10:13 AM
>
> Hi,
>
> I compiled Samba 3.0.23d on a CentOS 4.4 machine. Then I configured
> /etc/krb5.conf for my domain. Was able to successfully run kinit and
> join my Windows 2003 domain with a net ads join. Net ads user and net
> ads group returns the users and the groups of the domain.
>
> I'm kinda stuck on the next step. I would like to grant access to the
> share defined in smb.conf to anybody in the domain. How do I make it
> authenticate users on the domain instead of using the server?
> ...
You need this in your global section:
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
encrypt passwords = yes
And this in your share section:
valid users = @"BENCHCAN\domain users"
Although this will give all your users access to / which doesn't seem
like a good idea, but I assume this is just for testing.
Don't forget the necessary modifications to nsswitch.conf:
passwd: files winbind
shadow: files winbind
group: files winbind
Cheers,
-Don
Don Meyer <[EMAIL PROTECTED]>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services
"They that can give up essential liberty to obtain a little
temporary safety,
deserve neither liberty or safety." -- Benjamin Franklin, 1759
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
