Solved

AD authentication on Samba 3

Posted on 2004-04-26
3
183 Views
Last Modified: 2010-03-18
Hi,

I am trying to set up a samba file server on fedore core. I want to have a shared folder which can be accessed only by win2k AD users and they should be able to change permissions for files they create!
Samba should take account information from AD when needed (I don't want make account duplicates on Linux!)

can you help

Marek
0
Comment
Question by:marek100
  • 2
3 Comments
 
LVL 8

Expert Comment

by:da99rmd
ID: 10917679
I think this is a good start for you but i sugest that you read the following:
man smb.conf
http://www.tldp.org/HOWTO/SMB-HOWTO.html

#Start
[global]
   workgroup = MYGROUP
   netbios name = LINUX
   interfaces = (ips to listen to f.ex. 192.168.0.0/24)
   encrypt passwords = Yes
   security = server
   password server = (net bios name)
   log level = 0
   log file = /var/log/samba/log.%m
   max log size = 50
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   dns proxy = No
   hosts allow = (ips of the host to alow)  
   preserve case = No
   short preserve case = No

[Company]
   comment = Company share
   path = /export/samba/company
   writable = yes
   printable = no
   hosts allow = (ips of the xp host)  
   create mode = 0755
   directory mode = 0755
# End

/Rob
0
 

Author Comment

by:marek100
ID: 10926035
Hi,

I am not sure, but I think a better solution would be to use:
security = ads,
but then I get lost with the installation of kerberos.

can you tell which one is better?
0
 
LVL 8

Accepted Solution

by:
da99rmd earned 125 total points
ID: 10926102
I think ADS is a better choise but i have never used it so i dont realy know how to set it upp but i have a good howto on doing it.
http://de.samba.org/samba/docs/man/unixclients.html#adssdm

/Rob

0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video discusses moving either the default database or any database to a new volume.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now