[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Samba Help
When I tried to add the 'realm' line to smb.conf, 'realm' didn't turn green,
like the other options are. Is this because it doesn't look like Kerberos
is installed on this Mandrake 10 box (I can't find a krb5-<version>.rpm)? I
am guessing it needs to be so it can talk with the Win 2003 server, right?
So can I just install an rpm for KRB5, or is there something extra I need to
do samba to use kerberos?
Thanks for all the help with this, Travis, and anyone else that can add any
insight.
>From: Travis Owens <openbook@linuxmds.com>
>Reply-To: silug-discuss@silug.org
>To: silug <silug-discuss@silug.org>
>Subject: Re: SILUG: Samba Help
>Date: Fri, 09 Jul 2004 20:17:40 -0500
>
>Ray,
>
>Just glancing through everything, if you're dealing with ADS on a
>Windows network, shouldn't your file include a realm and shouldn't your
>security be set to ADS ?
>
>I'm reading various things from Samba's website, but I'm doing this
>faster than what I want to... I'll be working on it a bit later more
>thoroughly.
>
>HTH,
>Travis
>
>On Fri, 2004-07-09 at 14:02, Ray Holtz wrote:
> > Sure, here is my smb.conf with some data replaced by <blahblah> to
>thwart
> > hackers reading the archives. [homes] is for each user's personal home
> > directory, [temp] is the public share. Because this server is not
>acting as
> > a PDC, and do I need the [netlogon] section? noone will be actively
>logging
> > on to this server, just mapping to it through the Active Directory.
> > Thanks!
> >
> > #smb.conf
> > [global]
> > workgroup = <workgroup>
> > netbios name = <netbiosname>
> > Server string = File Server
> > log file = /var/log/samba/log.%m
> > max log size = 5
> > log level = 2
> > security = domain
> >
> > # Winbind configuration
> > winbind separator = /
> > winbind uid = 10000-20000
> > winbind gid = 10000-20000
> > winbind cache time = 15
> > winbind enum users = yes
> > winbind enum groups = yes
> > template homedir = /home/%D/%U
> > ; template shell = /bin/bash
> > winbind use default domain = yes
> > update encrypted = yes
> > # password configuration
> > encrypt passwords = yes
> > smb passwd file = /etc/samba/smbpasswd
> > unix password sync = yes
> > passwd program = /usr/bin/passwd %u
> > ; passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> > *passwd:*all*authentication*tokens*updated*successfully*
> > ; pam password change = yes
> > ; obey pam restrictions = yes
> > lanman auth = yes
> > lm announce = yes
> > logon home = \\<netbiosname>\%U
> > logon path = \\<netbiosname>\%U
> > local master = yes
> > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> > wins server = <winsIPaddress>
> > add user script = /usr/sbin/useradd %u
> > ; -s /bin/false '%u'
> > add user to group script = /usr/bin/gpasswd -a '%u' '%g'
> >
> > [netlogon]
> > comment = Network Logon Service
> > path = /var/lib/samba/netlogon
> > guest ok = no
> > write list = administrator
> > browseable = no
> > share modes = no
> >
> > [homes]
> > comment = Home Directories
> > browseable = no
> > writable = yes
> > path = /home/%u
> > valid users = %S
> > read only = no
> > create mode = 0664
> > directory mode = 0775
> >
> > [temp]
> > comment = Temporary file space
> > path = /home/temp
> > read only = no
> > public = yes
> > create mode = 0664
> > directory mode = 0775
> >
> > #end smb.conf
> >
> > _________________________________________________________________
> > MSN Toolbar provides one-click access to Hotmail from any Web page
>FREE
> > download! http://toolbar.msn.click-url.com/go/onm00200413ave/direct/01/
> >
> >
> > -
> > To unsubscribe, send email to majordomo@silug.org with
> > "unsubscribe silug-discuss" in the body.
>--
>Travis Owens <openbook@linuxmds.com>
>
>
>-
>To unsubscribe, send email to majordomo@silug.org with
>"unsubscribe silug-discuss" in the body.
_________________________________________________________________
Check out the latest news, polls and tools in the MSN 2004 Election Guide!
http://special.msn.com/msn/election2004.armx
-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.