Ryan Novosielski wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Eric Roseme wrote:
Casey Dearcorn wrote:
I am sorry if this sounds dumb, but I am sort of a newbie with samba.
We have upgraded our active directory domain servers to 2008 and samba
3.07 will not bind to the directory anymore. I have been told that I
need to upgrade past 3.022 in order to make it work? First of all is
this true? Second, when I went to install it and run it there is an
error that it can not find libldap-2.2.so. I am assuming this is for
the HPUX IXOPENLDAP, but I am not sure. In either case I can not find
this version to install. I don't want to mess my box up, but I would
like to get my samba running correctly again. Can anyone give me any
advice or information?
Hi Casey,
Are you using HP CIFS Server or Opensource Samba? I am guessing from
the library error that you were using CIFS Server and then tried to
install and run Opensource. What HP-UX version are you on?
If you are compiling/using Opensource, then you need to update past
3.0.28, so you might as well get 3.0.31. You will also need to install
OpenLDAP to get the libraries. Go here and read the README:
http://us1.samba.org/samba/ftp/Binary_Packages/hp/samba-3.0.23a/README
If you are using HP CIFS Server, then the latest version is based upon
Samba 3.0.22a with fixes ported in from later versions up to 3.0.25a. So
it does not have the fix for joining a W2008 domain with "security =
ads". You can join W2008 with "security = domain", though.
Eric Roseme
Hewlett-Packard
Eric,
Is that also true of A.02.03.04? Looks like it is somewhat newer, but
I'm not 100% sure how that affects the domain stuff.
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B8725AA
You probably know better than I, being from HP, but I've spent an
inordinate amount of time on this recently, so I have the release notes
memorized. :-P
PS: utmp = yes causes PANIC's on A.02.03.03 and A.02.03.04.
Hi Ryan,
Yes - unfortunately, it also holds true of A.02.03.04. Sorry that you
spent so much time on it.
I can send you a tool that will allow you to write the CIFS/Samba
computer object to the W2008 AD and generate a keytab file on the
CIFS/Samba server. When you start CIFS/Samba with "use kerberos keytab
= yes", your users can authenticate to and mount CIFS/Samba shares, but
any of the net commands that require auth-n will fail (including join).
winbind will not start either. Still working on this as a W/A. I do
not have a timeframe for 3.0.28 (or .31) for CIFS yet.
PS - the tool is "unsupported".
Eric
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
