Samba: Difference between revisions
Jump to navigation
Jump to search
| Line 95: | Line 95: | ||
== Further Reading == | == Further Reading == | ||
*[[Squid]] - Authentificate Squid users against ADS | *[[Squid]] - Authentificate Squid users against ADS | ||
*[[kerberos]] - Kerberos configuration for authentificating users against ADS | |||
*[[pam_krb5]] - Authentificate System users against ADS | *[[pam_krb5]] - Authentificate System users against ADS | ||
*[[not available yet]] - Manage your Samba shares in a MySQL database and administer them via a webinterface | *[[not available yet]] - Manage your Samba shares in a MySQL database and administer them via a webinterface | ||
Revision as of 13:57, 30 April 2013
Description
This is a short howto about connecting a Linux machine via Samba to an Windows ADS Domain.
Dependencies
USE-Flags
File: /etc/portage/package.use
net-nds/openldap kerberos samba net-fs/samba -cups addns ads ldap winbind
Packages
| Code: emerge samba -pv |
[ebuild N ] dev-libs/iniparser-3.0b-r2 USE="-examples -static-libs" 26 kB [ebuild N ] sys-apps/keyutils-1.4-r1 39 kB [ebuild N ] dev-libs/libgpg-error-1.10 USE="nls -common-lisp -static-libs" 429 kB [ebuild N ] app-text/build-docbook-catalog-1.6 4 kB [ebuild N ] dev-libs/libgcrypt-1.5.0_beta1-r2 USE="-static-libs" 1,146 kB [ebuild N ] app-text/docbook-xsl-stylesheets-1.76.1 3,597 kB [ebuild N ] app-crypt/mit-krb5-1.9-r4 USE="keyutils pkinit threads -doc -openldap -test -xinetd" 11,610 kB [ebuild N ] dev-libs/libxslt-1.1.26-r1 USE="crypt python -debug" 3,322 kB [ebuild N ] virtual/krb5-0 0 kB [ebuild N ] sys-libs/tdb-1.2.7-r1 USE="python -static-libs -tdbtest -tools" 443 kB [ebuild N ] sys-libs/talloc-2.0.5 USE="python -compat" 357 kB [ebuild N ] net-nds/openldap-2.4.24 USE="berkdb crypt ipv6 kerberos perl samba ssl tcpd -cxx -debug -experimental -gnutls -icu -iodbc -minimal -odbc -overlays -sasl (-selinux) -slp -smbkrb5passwd -syslog" 5,118 kB [ebuild N ] net-fs/samba-3.5.8-r1 USE="acl addns ads aio client ldap netapi pam readline server smbclient winbind -avahi -caps -cluster -cups -debug -doc -examples -fam -ldb -quota -smbsharemodes -smbtav2 -swat -syslog" 30,014 kB |
Installation
# emerge samba
Configuration
See kerberos for the required kerberos configuration.
File: /etc/conf.d/samba
daemon_list="smbd nmbd winbind"
File: /etc/samba/smb.conf
[global]
workgroup = YOURDOMAIN
netbios name = HOSTNAME
server string = HOSTNAME
realm = YOURDOMAIN.LOCAL
security = ADS
encrypt passwords = yes
password server = domaincontroller.yourdomain.local
client use spnego = yes
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind use default domain = yes
wins server = xxx.xxx.xxx.xxx
dos charset = 850
unix charset = UTF-8
include = /etc/samba/shares.conf
File: /etc/samba/shares.conf
[testshare]
comment = Testshare
path = /mnt/testshare
valid users = YOURDOMAIN\username, @YOURDOMAIN\groupname
writeable = No
guest ok = Yes
browseable = Yes
File: /etc/nsswitch.conf
passwd: compat winbind shadow: compat winbind group: compat winbind
Join the ADS Domain
# net ads join -U Administrator
and enter the domain-administrator password.
Finalize
# /etc/init.d/samba start
# rc-update add samba default
Further Reading
- Squid - Authentificate Squid users against ADS
- kerberos - Kerberos configuration for authentificating users against ADS
- pam_krb5 - Authentificate System users against ADS
- not available yet - Manage your Samba shares in a MySQL database and administer them via a webinterface