Tim Holmes wrote:
If your DC is running in Mixed Mode then you should be able to rather easily change your samba security to domain (security = domain), and specify your password server (password server = x.x.x.x). At this point you should be able to create matching linux system accounts as placeholders for setting permissions etc., and when users from windows clients attempt to access Samba resources the Samba server will query the DC for authentication. You can get more advanced in regard to using Winbind, but this is probably the simplest approach.ood Morning Everyone:
This question is a bit different from the run of the mill -- HELP ME I GOT TROUBLE questions here on the list, however I am interested in getting this situation working correctly and also need to understand the basis behind the process so that I can implement it properly and extend it as necessary
First off -- Some Background
I am running a 150 station lan where all the workstations are Windows XP Pro SP2 -- Fully patched. The Domain Controller, Exchange Server, and Content Filter (Websense) are all Windows Server 2003 standard (updated and fully patched). The AntiVirus Server (Panda) is An XP SP2 Box. The 2 Webservers (production and development) are Fedora Core 2, as is the File Server, and Database server (MySQL). All have been fully updated with yum in the last week or so.
Currently The 2 Webservers and the File server have samba set up on
them. This is to facilitate file movement between them and the rest of
the network. At the present time to allow access to the samba boxes I
create a user account for the person in linux, then create a samba
account, and feed it their windows password using the
system-config-samba program. Once this is done, they can access the
shares without any need for typing usernames and passwords, which is
great, but to my way of thinking that is a lot of steps to go through.
My question is as follows:
Is this the proper / best way to have the integration set up, or is there a better way. From where I sit, and in a perfect world, when a user tried to access a samba share, the samba server would query the domain controller for authentication and process it, similar to accessing a share on one of the windows boxes. I would like to move all my user accounts home directories to the file server, but I don't want to take the time to input all the usernames/passwords, and then have the problem that every time someone changes their windows password, they loose their samba access.
If you have suggestions for reading, or ideas or other helpful hints, I would be greatly appreciative. The resources that I have read on the net are at best confusing. Also I am fairly new to Linux, and although I am learning, it is going to take me a while to get all the ins and outs of the system nailed down, so I may need some procedural help to get things working smoothly
Thank you so much for your time and assistance
Tim Holmes
IT Manager / Webmaster Medina Christian Academy A Higher Standard...
Jeremiah 33:3 Jeremiah 29:11 Esther 4:14
If your DC is running in Native Mode then you will need to involve kerberos which is a little bit more painful. The samba how-to's have very good directions for all of this.
Christian
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba