2891
Comment:
|
← Revision 3 as of 2009-03-16 03:29:58 ⇥
2891
converted to 1.6 markup
|
No differences found! |
Linux Samba Configuration:
Debian Samba server connecting to Active directory
1. Installing software
The first thing that you need to do is to install the required packages.
#aptitude update #aptitude upgrade #aptitude install samba smbclient winbind krb5-doc krb5-user krb5-config
Windows server information
In this configuration I used the following windows info.
Domain name: is414
Fully qualified domain name: is414.com
Window domain controller: rkb-server
Kerberos setup
Open /etc/krb5.conf
add the following lines to the krb.conf file.
- [libdeffaults]
- default_realm = IS414
- IS414.COM = {
- kdc – rkb-server.is414.com admin_server – rkb-server.is414.com
- kerberos.server = IS414.COM
After that has been completed do the following:
#kinit administrator@IS414.COM
Verify that it worked by using the following command:
#klist
Samba Setup
Open the samba configuration file /etc/samba/smb.conf and add the following:
- [global]
- security = ADS password server = rkb-server encrypt passwords = yes workgroup = IS414 realm = IS414.COM idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes winbind use default domain = yes winbind separator = +
Creating a share in /etc/samba/smb.conf. Replace ?WindowsShare with any name you want. first create the folder:
#mkdir /home/WindowsShare #chmod 777 /home/WindowsShare
Add the following in the /etc/samba/smb.conf
[?WindowsShare]
- comment = Windows Share path = /home/WindowsShare read only = no create mask = 0775 directory mask = 0775 browsable = yes public = yes writeable = yes force create mode = 0775 force directory mode = 0775 force security mode = 0775 guest ok = no inherit permissions = yes nt acl support = yes
Test your configuration with the following command:
#testparm -v
Now you must restart the samba deamon.
# /etc/init.d/samba stop
Winbind configuration
Stop the winbind deamon.
#/etc/init.d/winbind stop
edit the couple of lines of the /etc/nsswitch.conf file.
- passwd: compat winbind group: compat winbind
Joining the Domain
start the samba and winbind deamons
#/etc/init.d/samba start #/etc/init.d/winbind start
Join the domain with the following command
#net ads join -U administrator
Test winbind with the following commands
#wbinfo -u
The wbinfo – u should list the AD users
#wbinfo – g
The wbinfo – g should list the AD groups
All that is left is to test the connection from the server to verify that the share is working.