Any way to do it with just 2k3 or does it have to be 2k3r2?
Thanks
Mark
Christoph Peus wrote:
Mark Campbell wrote:
So I have idmap:rid working. The problem is I can set only the same
shell for all users. I was trying to find a way to store the shell
in AD. I have found a couple references to ||RFC2307. Can this be
used with AD and if so is there a good article on it somewhere? (I
looked through the samba docs but didn't find anythings yet perhaps I
am just blind)
short form:
- do an upgrade to Windows Server 2003 R2 on the DCs
- set POSIX IDs in AD for all users und groups which you want to use
with samba
- compile samba with kerberos support
- net ads join
smb.conf:
security = ADS
realm = YOUR.DOMAIN
idmap backend = ad
winbind nss info = rfc2307
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
/etc/nsswitch.conf:
passwd: files winbind
shadow: files
group: files winbind
/etc/krb5.conf:
[libdefaults]
default_realm = YOUR.DOMAIN
[realms]
YOUR.DOMAIN = {
kdc = xxx.xxx.xxx.xxx
kdc = yyy.yyy.yyy.yyy
}
--
Mark Campbell
Systems Analyst
Digital Library Technologies
The Pennsylvania State University
[EMAIL PROTECTED], 814-865-4774
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba