Solved

AD authentication on Samba 3

Posted on 2004-04-26
3
187 Views
Last Modified: 2010-03-18
Hi,

I am trying to set up a samba file server on fedore core. I want to have a shared folder which can be accessed only by win2k AD users and they should be able to change permissions for files they create!
Samba should take account information from AD when needed (I don't want make account duplicates on Linux!)

can you help

Marek
0
Comment
Question by:marek100
  • 2
3 Comments
 
LVL 8

Expert Comment

by:da99rmd
ID: 10917679
I think this is a good start for you but i sugest that you read the following:
man smb.conf
http://www.tldp.org/HOWTO/SMB-HOWTO.html

#Start
[global]
   workgroup = MYGROUP
   netbios name = LINUX
   interfaces = (ips to listen to f.ex. 192.168.0.0/24)
   encrypt passwords = Yes
   security = server
   password server = (net bios name)
   log level = 0
   log file = /var/log/samba/log.%m
   max log size = 50
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   dns proxy = No
   hosts allow = (ips of the host to alow)  
   preserve case = No
   short preserve case = No

[Company]
   comment = Company share
   path = /export/samba/company
   writable = yes
   printable = no
   hosts allow = (ips of the xp host)  
   create mode = 0755
   directory mode = 0755
# End

/Rob
0
 

Author Comment

by:marek100
ID: 10926035
Hi,

I am not sure, but I think a better solution would be to use:
security = ads,
but then I get lost with the installation of kerberos.

can you tell which one is better?
0
 
LVL 8

Accepted Solution

by:
da99rmd earned 125 total points
ID: 10926102
I think ADS is a better choise but i have never used it so i dont realy know how to set it upp but i have a good howto on doing it.
http://de.samba.org/samba/docs/man/unixclients.html#adssdm

/Rob

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now