Join Samba 3 to Your Active Directory Domain - Page 3

By  Carla Schroder | Mar 2, 2005
Page 3 of 3   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Enabling Windbind

Debian users may need to install the winbind package separately. RPM users will find it in the samba-common RPM. First, edit /etc/nsswitch.conf. The first three lines are the most important; the others vary according to your system:

passwd: compat winbind
group: compat winbind
shadow: compat
hosts: files dns wins
networks: files dns
protocols: db files
services: db files
ethers: db files
rpc: db files

Save your changes, and fire up windbind and Samba:

# winbind
# /etc/init.d/samba start

Now verify that windbind is working. These commands pull lists of users and groups from the AD domain controller:

# wbinfo -u
BIGSERVER+Administrator
BIGSERVER+Guest
BIGSERVER+cschroder
BIGSERVER+mhall
# wbinfo -g
BIGSERVER+Domain Computers
BIGSERVER+Domain Admins
BIGSERVER+Domain Guests
BIGSERVER+Domain Users

This command verifies that logins and passwords are coming from the AD server, and not the local machine:

# getent passwd
BIGSERVER+cschroder:x:1000:1000:,,,:/home/BIGSERVER/cschroder:/bin/bash

If winbind is not working and local authentication is still active, they will not have the BIGSERVER+ prefix. Finally, as root run net ads info to display the AD server information.

Troubleshooting

If you've gotten this far and everything works, your Samba server is now a fully-fledged member of your Active Directory domain, and can be managed like any other AD object. A nice bonus is you may have local Linux accounts on the Samba box that are not visible in Active Directory; which means your Samba admins can SSH directly into the Samba server for admin chores, and not have to fuss with AD roadblocks.

A good troubleshooting guide is chapter 9 of "Samba-3 by Example" (Adding UNIX/LINUX Servers and Clients). Also refer to chapter 12 (Identity Mapping) of "The Official Samba-3 HOWTO and Reference Guide" to learn about winbind in greater depth.

Resources

cschroder@internet.com

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter
Helpful Links

  • Yankee Group Mobile WAN Optimization Report

    Mobile work continues to evolve. Your organization must keep up with the demands of its mobile workforce. This report introduces the concept of mobile WAN optimization and provides three case studies including RCM, PRTM and Einstein that highlight how this emerging technology can help IT departments achieve what previously appeared to be conflicting goals. Read >

  • Network Security Resources

    More threats than ever before pose a danger to today's enterprise network. Get the latest tips and intel on the newest risks in our guide to network security resources. Read >

  • Extreme Savings: Cutting Costs with WAN Optimization

    Did you know it's possible to cut IT costs without impacting day-to-day IT operations? In fact, when you download this whitepaper from Riverbed on cost-savings through WAN optimization, you'll discover how businesses of all different sizes have realized a return on investment in just a few months through significant hard cost savings in areas such as bandwidth reduction and IT consolidation. It's called Extreme Savings and its only from Riverbed. Read >