[CLUE-Tech] Samba 3 & Active Directory
Mike Staver
staver at fimble.com
Wed Aug 25 15:40:52 MDT 2004
> Mike Staver wrote:
>
>> Does anybody currently have Samba 3.x box authenticating against
>> Active Directory yet?
>
> [...]
>
>> Do I need kerberos for this?
>
>
> You should be able to get samba to work against AD if the Win side
> allows NTLM authentication (and perhaps NTLMv2 if samba supports that).
> If you want to use kerberos, which is the new way AD authenticates then
> you need kerberos. Like most Linux services you'll have much more luck
> with it if you understand how it works.
Well, I'm trying to understand. For example, here is my smb.conf file:
# smb.conf is the main Samba configuration file.
[global]
workgroup = RTSENTERPRISE
netbios name = TIMMY
wins server = 64.242.89.10
security = ADS
password server = *
realm = globaltaxnetwork.com
server string = TIMMY
encrypt passwords = Yes
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
hosts allow = 64.242.89. 127. 216.150.207.155
os level = 0
dns proxy = No
load printers = No
[html]
comment = html
browseable = Yes
read only = No
path = /srv/www/htdocs
The part of that file that I question is the line "realm". I have an
active directory workgroup/domain labeled RTSENTERPRISE. I'm sure
that's not what realm is referring to. So, I'm assuming it means the
part of AD globaltaxnetwork.com - not sure if that is correct though.
Once I find the definition of this term, that will go a LONG way in
helping me set up the krb5.conf file I think.
--
-Mike Staver
staver at fimble.com
mstaver at globaltaxnetwork.com
More information about the clue-tech
mailing list