[ale] SAMBA.conf

sangell at nan.net sangell at nan.net
Wed Jan 9 11:12:58 EST 2002




You are dealing with the same thing I just finished! It was a real pain and
for the first time I got little help from ALE! Must be the only one working
with NT and Linux together! First of all you cannot do NT authentication
from the standard install with Redhat! It does not include winbindd nor the
pam models for samba and winbind to function together. You have to compile
a custom rpm to install samba with winbind and pam. I will attach mine for
you at end of e-mail. Once you have the rpm I send you back up your
smb.conf and from a shell type:

rpm -Uvh samba-2.2.2-20011013.i386.rpm --force this will upgrade all the
files you will need.

Then you will have to edit lines in /etc/nsswitch and edit lines from:
passwd:   nisplus
group:         nisplus
shadow:   nisplus

TO

passwd:   winbind
group:         winbind
shadow:   winbind

Now you will also have to add lines to /etc/pam.d/* and add:
(back these files up first)
auth:          sufficient     /lib/security/pam_winbind.so

account required /lib/security/pam_winbind.so


Now you need to add your samba box to your domain:

First go to a NT server and in Server manager add the system to the domain
using the NetBios name you want it to have and be sure to add it as a
standalone server.
Now go to your linux box and in console type:
(edit /etc/hosts to include any Domain Controllers)

smbpasswd -j YOURDOMAIN -r YOURPDC

You should see Joined YOURDOMAIN

Now there are some lines to add to your smb.conf

winbind separator = + (you can use "/" if you want but it can cause
problems)
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
netbios name = whatevenameyouwant
encrypt passwords = yes
preferred master = no (Important!!! can cause a lot of trouble if set
incorrectly
template shell = /bin/bash (if users will be using telnet)
workgroup = yourdomain
security = domain
password server = *


Once you have made all these changes start snmb and nmbd then you will need
to start your winbindd daemon located in /usr/sbin (and yes it has 2 "d"s)

after that you should be able to type wbinfo -u in console and see a
printout of your domain users or wbinfo -g for a list of groups they will
be in the form of
YOURDOMAIN+username
YOURDOMAIN+domain group
 Now all thats left is to change group permissions to reflect that of the
Domain group you want to access the directories you are sharing. I do this
with File Manager you may have another preference but in file manager I
right click folder, go to properties tab, then click the arrow to expand
and show groups, and there will be the DOMAIN+Groups for me to choose from
as well as the local groups of linux.

I hope this helps and I did not leave out a step along the way. The first
one took me a week to get working. Now I can set one up in minutes.


I cannot send the rpm....too big. Let me know if you have an ftp server I
can send it to you that way or maybe I could place it on an ftp server for
you to pick up...the latter being a last resort option. Let me know!


\_\_\_\_\_\_\_\_\_\_\_/_/_/_/_/_/_/_/_/_/_/
\_    Steve Angell,  MCSE, CCNA           _/
\_    MIS Operations Manager               _/
\_    TSYS Debt Management             _/
\_    Norcross, GA                                   _/
\_    Phone 770-409-5570                    _/
\_    Fax      770-416-1752                   _/
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/


                                                                                                                   
                    "Jay Fox"                                                                                      
                    <g_j_fox at yahoo       To:     <ale at ale.org>                                                     
                    .com>                cc:                                                                       
                                         Subject:     [ale] SAMBA.conf                                             
                    01/09/2002                                                                                     
                    10:16 AM                                                                                       
                                                                                                                   
                                                                                                                   




I am new to editing samba.conf.  From a windows box I can see the RedHat
box
in net neighborhood.  I double click the icon, I get a username / password
box, but there doesn't seem to be any username that will grant me access to
the share.

I have setup a private directory as follows:
[SHARENAME]
    comment = share comment
    path = /var/www/html
    valid users    user1 user2
    public = no
    writable = yes
    printable = no

I have tried both to use root to gain access and my windows logon.  My
windows logon is specified in the valid users as shown above.  How does
Samba get the windows user info from my Windows PDC?

Thanks,
Jay


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should
be
sent to listmaster at ale dot org.







---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list