Samba: Difference between revisions

From Q
Jump to navigation Jump to search
← Older editNewer edit →
Tgurr (talk | contribs)
1,619 edits
No edit summary
Tgurr (talk | contribs)
1,619 edits
Line 44: Line 44:
         preferred master = no
         preferred master = no
         os level = 0
         os level = 0
        max protocol = SMB2
        rpc_server:epmapper = daemon
        load printers = no
        printcap name = /dev/null
        disable spoolss = yes
        log level = 3


include = /etc/samba/shares.conf
include = /etc/samba/shares.conf

Revision as of 14:06, 30 April 2013

Description

This is a short howto about connecting a Linux machine via Samba to an Windows ADS Domain.

Dependencies

USE-Flags

File: /etc/portage/package.use
net-nds/openldap kerberos samba
net-fs/samba -cups addns ads ldap winbind

Installation

# emerge samba

Configuration

See kerberos for the required kerberos configuration.

File: /etc/conf.d/samba
daemon_list="smbd nmbd winbind"
File: /etc/samba/smb.conf
[global]
        workgroup = YOURDOMAIN
        netbios name = HOSTNAME
        server string = HOSTNAME
        realm = YOURDOMAIN.LOCAL
        security = ADS
        encrypt passwords = yes
        client use spnego = yes
        idmap uid = 15000-20000
        idmap gid = 15000-20000
        winbind use default domain = yes
        wins server = xxx.xxx.xxx.xxx
        dos charset = 850
        unix charset = UTF-8
        domain master = no
        local master = no
        preferred master = no
        os level = 0

        max protocol = SMB2
        rpc_server:epmapper = daemon

        load printers = no
        printcap name = /dev/null
        disable spoolss = yes
        log level = 3

include = /etc/samba/shares.conf
File: /etc/samba/shares.conf
[testshare]
        comment = Testshare
        path = /mnt/testshare
        valid users = YOURDOMAIN\username, @YOURDOMAIN\groupname
        writeable = No
        guest ok = Yes
        browseable = Yes
File: /etc/nsswitch.conf
passwd:      compat winbind
shadow:      compat winbind
group:       compat winbind

Join the ADS Domain

# net ads join -U Administrator

and enter the domain-administrator password.

Finalize

# /etc/init.d/samba start
# rc-update add samba default

Further Reading

  • Squid - Authentificate Squid users against ADS
  • kerberos - Kerberos configuration for authentificating users against ADS
  • pam_krb5 - Authentificate System users against ADS
  • not available yet - Manage your Samba shares in a MySQL database and administer them via a webinterface
Retrieved from "https://q-old.deltaquadrant.org/index.php?title=Samba&oldid=3563"