Use winbind:
Winbind - only works in Samba 3 and up.
First, backup old files:
cp -p /etc/opt/samba/smb.conf /etc/opt/samba/smb.conf.bak
cp -p /etc/opt/samba/username.map /etc/opt/samba/username.map.bak
Install new Samba (if needed)
Verify it is installed:
swlist |grep CIFS
Add to windbind to /etc/nsswitch.conf:
passwd: files winbind
group: files winbind
Add or change /etc/opt/samba/smb.conf
security = DOMAIN
idmap uid = 10000-30000
idmap gid = 10000-30000
template primary group = users
winbind separator = +
as well as valid users, example:
valid users = WINDOWSDOMAIN+user1, WINDOWSDOMAIN+user2
then, for each share, set the valid users as well, example:
[src]
path = /usr/local/src
valid users = WINDOWSDOMAIN+user1, WINDOWSDOMAIN+user2
force user = genericunixid
Note: force user sets the Unix permissions to the uid of that user - so it must be a Unix id.
zero out the username.map file - no longer needed.
May or may not need to re-join the WINDOWSDOMAIN domain:
/opt/samba/bin/net rpc join -U administrator
Start Samba and windbind from either SWAT ( http://server:901 ) or command line:
/opt/samba/bin/startsmb -w
Verify you can connect from Windows by:
Start -> Run -> \\server
Note: you will need IPC share for \\server:
[IPC$]
hosts allow = 192.168.163.0/24 127.0.0.1
hosts deny = 0.0.0.0/0
valid users = WINDOWSDOMAIN+gwild
Check log files on Samba Server in /var/opt/samba if it doesn't seem to be working.
Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
