Re: [Samba] Configure Samba 3 to auth off a MIT KDC.
Perhaps I proposed the patch to the wrong audience. There are some people who have an existing Kerberos site, and have even followed the painful Microsoft howto on joining an MIT realm, and wish Samba to play ball. This is certainly not possible with Win98, so I suggest you instead just setup a normal Samba domain. Now that's quite a let down I was sure this was possible from somewhere :). All the clients currently login to Samba and the only thing I was wanting samba to do is check their password off the KDC server. They don't need to login to the KDC or be given a ticket - just use it as a password database. Is there no pam options where I could use pam_krb5 or something along those lines? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] error compiling samba 3.0.7 with ldap support
Hmmn. Maybe I should have tried that --include switch. I finally broke down and jammed them into /usr/include and /usr/lib and configure seems just happy. I do not think ldap-devel is a needed package when you download ldap itself and compile it from code. i guess that is a rpm or something. But it the darn the compiles I'll be happy. (it takes it awhile and it's doing right now). I still seem to get a ton of odd warnings.. Guess I'll work on that next. Stéphane Purnelle wrote: Have you installed ldap-devel --with-ldap is the option for specify that samba must compile with ldap support, not for specify the path of ldap file. use --include option (I think) for specify include file of ldap. Bruce Marriner a écrit : -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] error compiling samba 3.0.7 with ldap support
Alright so I download strace and compiled it :). The output from it however is of little help to me. It shows that configure is looking for ldap.h but does not seem to say where configure is looking. I have added the OpenLDAP lib folder to my ld.so.conf file and ran ldconfig and that did not help any either. This is a Redhat 9.0 linux box. Rick Brown wrote: depending on the platform you have lots of options. If it's linux, use strace to watch where configure is looking. Also, check /etc/ld.so.conf and make sure your ldap library path is included, then run ldconfig. If it's solaris, watch the configure process with truss and or set the environment variable LD_LIBRARY_PATH to include your ldap libs. If it's irix, watch the configure process with par and or set the environment... you get the picture :) On Mon, 27 Sep 2004, Bruce Marriner wrote: I am attempting to compile samba 3.0.7 with openldap using the following configure command. ./configure --prefix=/opt/samba-3.0.7/ --enable-developer --enable-krb5developer --with-krb5=/usr/kerberos/ --with-pam=/opt/openpam-20040210/ --with-ldap=/opt/openldap-2.2.17/ I get the following responce. checking lber.h presence... no checking for lber.h... no configure: WARNING: ldap.h is needed for LDAP support checking for Active Directory and krb5 support... auto configure: WARNING: Active Directory Support requires LDAP support So I have toyed around with my ldap file and put it in quite a few locations - which does little to help. Does anyone know where exactly configure is looking for this file at and rather or now I can tell it where the file is. I have been looking at the configure script a bit but I am apparently not so good at reading it because I can't answer my seemingly simple question. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Configure Samba 3 to auth off a MIT KDC.
I have a Samba 3 server running as my domain controller and want to configure it to authenticate user passwords off a MIT KDC server that is already up and running. I have the KDC client software installed on the Samba box and it will authenticate users using it's tools. I have been looking for some sort of a how-to but I have not found anything that works or explains much very well. Most of them give rough examples on how to connect to a Windows ADS but that's not what I'm doing. I would appreicate it if anyone here knows of a working how-to on setting up this configuration. Currently my smb.conf contains the following lines (among others). realm = REALMNAME.COM security = ADS encrypt passwords = yes When I try to connect to the samba server the smbd kicks out the error : check_ntdomain_security: could not fetch trust account password for domain 'REALMNAME.COM' From what I have read this relates to Samba not being 'connected' to the ADS realm (which I do not have). I have however attempted the command net ads join which returns various errors. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
