Samba

From Q
Revision as of 14:05, 30 April 2013 by Tgurr (talk | contribs)
Jump to navigation Jump to search

Description

This is a short howto about connecting a Linux machine via Samba to an Windows ADS Domain.

Dependencies

USE-Flags

File: /etc/portage/package.use
net-nds/openldap kerberos samba
net-fs/samba -cups addns ads ldap winbind

Installation

# emerge samba

Configuration

See kerberos for the required kerberos configuration.

File: /etc/conf.d/samba
daemon_list="smbd nmbd winbind"
File: /etc/samba/smb.conf
[global]
        workgroup = YOURDOMAIN
        netbios name = HOSTNAME
        server string = HOSTNAME
        realm = YOURDOMAIN.LOCAL
        security = ADS
        encrypt passwords = yes
        client use spnego = yes
        idmap uid = 15000-20000
        idmap gid = 15000-20000
        winbind use default domain = yes
        wins server = xxx.xxx.xxx.xxx
        dos charset = 850
        unix charset = UTF-8
        domain master = no
        local master = no
        preferred master = no
        os level = 0

include = /etc/samba/shares.conf
File: /etc/samba/shares.conf
[testshare]
        comment = Testshare
        path = /mnt/testshare
        valid users = YOURDOMAIN\username, @YOURDOMAIN\groupname
        writeable = No
        guest ok = Yes
        browseable = Yes
File: /etc/nsswitch.conf
passwd:      compat winbind
shadow:      compat winbind
group:       compat winbind

Join the ADS Domain

# net ads join -U Administrator

and enter the domain-administrator password.

Finalize

# /etc/init.d/samba start
# rc-update add samba default

Further Reading

  • Squid - Authentificate Squid users against ADS
  • kerberos - Kerberos configuration for authentificating users against ADS
  • pam_krb5 - Authentificate System users against ADS
  • not available yet - Manage your Samba shares in a MySQL database and administer them via a webinterface
Retrieved from "https://q-old.deltaquadrant.org/index.php?title=Samba&oldid=3562"