Solved

AD authentication on Samba 3

Posted on 2004-04-26
3
193 Views
Last Modified: 2010-03-18
Hi,

I am trying to set up a samba file server on fedore core. I want to have a shared folder which can be accessed only by win2k AD users and they should be able to change permissions for files they create!
Samba should take account information from AD when needed (I don't want make account duplicates on Linux!)

can you help

Marek
0
Comment
Question by:marek100
  • 2
3 Comments
 
LVL 8

Expert Comment

by:da99rmd
ID: 10917679
I think this is a good start for you but i sugest that you read the following:
man smb.conf
http://www.tldp.org/HOWTO/SMB-HOWTO.html

#Start
[global]
   workgroup = MYGROUP
   netbios name = LINUX
   interfaces = (ips to listen to f.ex. 192.168.0.0/24)
   encrypt passwords = Yes
   security = server
   password server = (net bios name)
   log level = 0
   log file = /var/log/samba/log.%m
   max log size = 50
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   dns proxy = No
   hosts allow = (ips of the host to alow)  
   preserve case = No
   short preserve case = No

[Company]
   comment = Company share
   path = /export/samba/company
   writable = yes
   printable = no
   hosts allow = (ips of the xp host)  
   create mode = 0755
   directory mode = 0755
# End

/Rob
0
 

Author Comment

by:marek100
ID: 10926035
Hi,

I am not sure, but I think a better solution would be to use:
security = ads,
but then I get lost with the installation of kerberos.

can you tell which one is better?
0
 
LVL 8

Accepted Solution

by:
da99rmd earned 125 total points
ID: 10926102
I think ADS is a better choise but i have never used it so i dont realy know how to set it upp but i have a good howto on doing it.
http://de.samba.org/samba/docs/man/unixclients.html#adssdm

/Rob

0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now