Software :: Configuring Samba Users To Join Clients To The Domain?
Feb 3, 2011
Im currently using an english book to setup my samba server, and im having problems understanding it.
I dont want to use root to join clients to the domain; i prefer creating a plain user.
Ok, so, the steps i follow are:
net groupmap add unixgroup=srvadmins ntgroup="Server Admins"
net groupmap add ntgroup="Domain Admins" unixgroup=dmnadmins rid=512 type=d
net rpc rights grant 'ORAServer Admins' seMachineAccountPrivilege
This way, i have a group called srvadmins with permissions to join clients, a group called dmnadmins with permissions to manage users and other permissions, and root.
Now, users: "root", "dmnadmin"(from dmnadmins group) and "srvadmin" (from srvadmins group) can add machines to domain. Root because is root, srvadmin because i granted permissions, and dmnadmin because is admin
So i wonder, why srvadmins group is needed to be granted privileges?
I tryed to lower dmnadmins privileges by revoking semachineaccountprivilege privilege, but didnt worked
net rpc rights revoke 'ORADomain Admins' seMachineAccountPrivilege
looks like its privileges comes from another group and it user managed to add a machine to the domain correctly.
Ok, so, is this really usefull? why do i need 3 kind of users to be able to join to the domain?
View 3 Replies
ADVERTISEMENT
Aug 18, 2010
We've been running samba on linux for a while and everything was fine. All of a sudden when you add new clients to the domain you get the error message :Logon Failure:unknown user name or bad password. This to me seems like a windows error message and not a samba error. When you remove an existing machine (ie on domain) and then try to rejoin it to the domain you fail.
View 4 Replies
View Related
Sep 3, 2009
Tutorial for setting up a
domain server, dns server, ldap, mail server, firewall and proxy
with centos and how can I join ubuntu clients to the domain?
View 1 Replies
View Related
Sep 28, 2009
I have installed Fedora 11 and all updates. Samba 3.4.1. When join to domain from WinXP box with sp3 show error. The specified network password is not correct.
View 9 Replies
View Related
Mar 31, 2011
I am practising setting up a small network using UBUNTU as a PDC through SAMBA to service xp clients.
I have sucessfully setup DNS on the Ubuntu server using Bind9 and can nslookup from both the client and the server by FQDN and can also ping ipaddress.
I have setup a basic smb.conf file however when I try to add the xp client to the domain I get an error message saying a domain controller for the domain could not be contacted.
I have disabled the firewalls on both the server and the xp client and still get the same error message when trying to join the domain. I've checked my network settings on the client, its set to use a static IP address and the DNS server and WINS server are set as my Ubuntu Samba PDC address.
I haven't been able to see anything odd in the smb.conf file that might cause this issue. I can connect directly to the shares using the samba network account that I created by going to start run and typing in the unc path.
Not sure what the cause of this issue is, I thought it might be a DNS issue on the client. One odd thing I noticed is that when I do nslookup using just the server name and not the FQDN i get a message in dos saying that the default server cannot be found but says that the server name for the [ipadress] cannot be found. It does list the correct ip.
I'm not sure what is causing the problem of stopping my xp client from joining the Ubuntu Samba PDC. I'm using UBUNTU server 10.04.
View 1 Replies
View Related
Dec 18, 2010
I've been configuring a PDC using samba I used this tutorial url as reference. It seems all went well during the installation and configuration not until when I try to join a windows machine to the domain.
Scenario: When the authentication dialog box prompts the username and password of the domain administrator. I supply root as username and its corresponding password. Then I will prompt an error "The user name could not be found. But, I have noticed that when I supply a wrong password of root the it will prompt "Login failure: unknown user name or bad password. It seems that the windows machine was able to recognize the account somehow.
View 8 Replies
View Related
Feb 28, 2011
i need to configure Redhat Linux as Domain Controller in my organisation, whee all of my clients PC's will be Windows XP or Windows 7 ( where i can login through Domain users ). what exactly i need to configure in Redhat Linux, i heard Configuring Samba as PDC is quite enough ? is that right ? then what is Open LDAP ? should i need to Configure Open LDAP also ?
View 2 Replies
View Related
Dec 8, 2009
I've setup my samba pdc with ldap, and I can see my shared files (public), which i think is an indication that my samba is working. But I can't seems to get my win2k8 machine to join my domain.
My domain admin is : root system admin: root password for both domain admin and system admin are the same The message that I get from Win2k8 when I try to join a domain is "The specified computer account could not be found. Contact an administrator to verify the account is in the domain. If the account has been deleted unjoin, reboot, and rejoin the domain"
[Code]...
View 2 Replies
View Related
May 13, 2010
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
[Code].....
View 9 Replies
View Related
Aug 26, 2010
I use OpenSuse 11.3 and I successfully built a samba/openldap server. However the raoming profiles were not working so I removed the roaming profile part of the samba and the openldap using ldap account manager. I also rejoined a couple of the computers back to the domain successfully (it was not an instaneous join, it took a good minute or 2 to join each pc). Now I cannot cannot login to any of these computers with the domain credentials. I can share using the UNC path no problem and this was working find about 1 week ago.
On 1 of the computers Iw as able to finally get a log file saying this:
View 2 Replies
View Related
Aug 26, 2010
On all of my xp clients no matter what the username is is I am continously getting the error saying that the profile cannot be found. I just built this domain recently and since day 1 the roaming profiles have not worked.
here is my smb.conf:
# Primary Domain Controller smb.conf
# Global parameters
[global]
unix charset = utf8
[code].....
View 1 Replies
View Related
Apr 28, 2010
I feel ashamed for even asking this, since it seems like there's about 3 samba questions here every day. However after an hour of searching, I keep finding strange variants that aren't what I need.
My Goal: Create a single file share on an Ubuntu Server - share it via samba to Windows clients that are on a domain with active directory. It sure would be nice if AD authentication would work - so users don't have to type in a linux user/passsword each time they want to access the share.
In my adventures, I've found the following items (which may overlap)
1. Joining the server to a Windows Domain
2. Turning the server into a Windows Domain Controller
3. Authentication with LDAP (still not quite sure how/what this would do)
4. Stuff with Kerberos
5. Lots of people bickering about Samba 3/4 & how it's impossible to make Samba a PDC.
I'm not sure if I need to make the ubuntu server a domain controller or not...all I want to do is create a file share and share it on the domain...I don't need to make the ubuntu server a domain controller for that, right? Maybe just a member? Maybe nothing at all?
I guess if I want to authenticate stuff correctly (or forward authentication requests? Not sure), I probably need to join the ubuntu server to the domain...I think.
But let's say I do join it to the domain...then how to I create a file share that is authenticated via active directory rather than a local ubuntu server account? I see a dozen guides on joining the server to the domain, but nobody ever mentions sharing the folder over the domain.
The lines are also blurred between joining Ubuntu to the domain and making it a domain controller. What should I keep an eye out to avoid in these tutorials?
I get lost between the Kerberos/LDAP/Samba/WinBind etc...and I have a feeling I don't need all of these for something this simple.
View 1 Replies
View Related
May 26, 2009
I am trying to configure samba for anyone of the scenarios in the subject. here's what my smb.conf looks like:
Code:
workgroup = RnD
[Samba Share]
comment = Samba share on Ubuntu!
path = /srv/sharedfolder
available = yes
[code]....
The error while trying to connect to the share is:
smbd/service.c:make_connection_snum(1082) Can't become connected user!
View 12 Replies
View Related
Sep 21, 2010
I want to set a log off script for samba domain users. Actually I am facing a huge temp files related problem. So I want to set a batch file which will run when domain user log off. When user logout then batch file run and delete all temp files.I have already set batch file local group policy and it works for me, but I wants to set it from server side.
View 1 Replies
View Related
Jun 9, 2010
I was wondering if there is any way to enable an MS Windows client that is otherwise unable of joining a domain to join a domain controlled by (open)SUSE? Is that inability only for joining a Windows based domain but a client that runs XP Home Edition or similar domain- incapable version of Windows could join a domain if it was controlled by Linux?Pardon my newbie style, but answer doesn't have to be detailed step-by-step, just yes/no answer with some pointers would do. I am not new to linux but new to network services... search engines weren't friendly when asked this question at the search bar...
View 2 Replies
View Related
Jul 21, 2010
I don't know if this is possible... I want that only some of a Windows Domain(Samba) users can to logging in a machine.For example: The user Peter of the domain WORKSPACE can connect to the PC1, but the user Charly of the domain WORKSPACE can not connect to the PC1. How I can implement this?
View 5 Replies
View Related
Nov 12, 2010
Have recently setup Samba on a fresh install of Fedora 14 so that I can use it as a workstation in a Windows 2003 (win2k3) domain.
The install of Samba seems to have worked as I can connect to the Domain using ADS and kerberos. selinux and firewall have been disabled until I have it working 100%
The problem lies when i try to login to Gnome or TTY. It begins to create the home directory for the domain user logging in but after a certain process Fedora logs the user out of the system.
Have looked through several log files (/var/log/messages, log.winbindd, log.winbindd-dc-connect) but am unable to debug it any further.
Have posted the config files below which shows the Fedora machine is successfully connected to the domain as it lists its groups, users and validates logon credentials - it just won't logon!
Where i can go about debugging. Also if you need additional configs.
View 1 Replies
View Related
May 20, 2010
I have Ubuntu server 10.04 joined to a domain using Likewise Open. I can login using my domain credentials and have added my domain account to the sudoers file. Now that I've got it joined to the domain I want to add some samba shares and have domain members use their accounts to access them. However, no matter what combination of my domain name and the domain user or group I use in the valid users field it won't let me in. What's the proper way of inputting a domain user or group in the valid user field?
This is the entry I'm using for the share:
Code:
[testshare]
path = /srv/testshare
valid users = @"Domain Name+Domain Group" (Have tried many things here)
public = no
writable = yes
printable = no
create mask = 0765
View 2 Replies
View Related
Aug 21, 2009
I've got a home server running Ubuntu Server 9.04 and several machines running Ubuntu Desktop (9.04 and 8.04) and Windows (XP, Vista and 7). Now what I want to do is to create a domain and directory server similar in function to Windows Server w/ AD and join my other machines to the domain, but am not sure where to start. I already have file shares with Samba but now I want to setup a domain.
View 3 Replies
View Related
Jun 9, 2010
I put a Lucid 10.04 box on a Windows AD network. I want it to join the domain. I used likewise-open5_5.0.3991.1-0ubuntu2_i386
I ran
1. sudo apt-get update
2. sudo apt-get install likewise-open
3. sudo domainjoin-cli join fqdn of your domain Administrator
4. sudo update-rc.d likewise-open defaults
5. sudo /etc/init.d/likewise-open start
After step 3, I get
Joining to AD Domain: mydomain dot local
With Computer DNS Name: ubuntu dot mydomain dot local
Administrator(at)MYDOMAIN dot LOCAL's password: [I entered it]
Error: Lsass Error [code 0x00080047]
40286 (0x9D5E) LW_ERROR_LDAP_SERVER_DOWN - Unknown error
Im just a Windows schlep new to Linux. I dont even know where to find things like /etc/nsswitch.conf--winbind, let alone how to edit them.
"You are only allowed to post URLs to other sites after you have made 15 posts or more" It took me an hour to get this to post. I attached a text file without all the spaces and 'dots'.
View 6 Replies
View Related
May 30, 2010
how can i join linux and mac machine with windows domain?
View 1 Replies
View Related
Sep 28, 2009
I have a centos 5 server joined to a win2003 active directory domain. It's a virtual machine, so i had to sync the date (ntpdate) because it was 12 minutes different. It worked, but not ntlm authentication is not working anymore. If i rejoin the domain i get:
net ads join -U administrator@MYDOMAIN.COM
administrator@MYDOMAIN.COM's password:
Failed to set password for machine account (NT_STATUS_DISK_FULL)
Failed to join domain: NT_STATUS_DISK_FULL
View 5 Replies
View Related
Aug 22, 2010
I have 15 or so debian lenny machines, and a xen server that I would like to join to the windows 2003 AD domain controller. The main goal is I would like the windows / linux user names and passwords to be the same on each system. Only 10 or so users need access to the machines but the passwords sometimes are different. How should I go about accomplishing this ?
I was told that openldap may be a solution. But from what I've read about it sounds like its just a mimic or window AD and doesnt sync with it, at least natively ?
View 2 Replies
View Related
Nov 19, 2010
Where can I find information about how to get OpenSUSE 11.3 to join a Windows Domain that uses Kerberos?
View 1 Replies
View Related
Feb 12, 2010
I've installed Ubuntu 9.10 in my office desktop. as a newbie in the world of linux, i really do not know much about it. I want to join my desktop in our domain. i already have the ip addresses of the DNS servers but i dunno where to put it. i've installed likewise open and try to join the domain but it displays the following errors: Manual Configuration Required:
The configuration stage 'open ports to DC' cannot be completed automatically. Please manually perform the following steps and rerun the domain join: Some required ports on the domain controller could not be contacted. Please update your firewall settings to ensure that the following ports are open to 'MARVEL2.LBPNET':
88 UDP
389 UDP
464 UDP
445 TCP
View 1 Replies
View Related
May 15, 2011
How to join ubuntu computer to a windows domain ?
View 3 Replies
View Related
Mar 11, 2010
I am new to Debian Linux and I have just installed the software. How can I join the computer to a Windows domain? How can I configure the network?
View 1 Replies
View Related
Mar 4, 2010
i have installed RHEL5 on my system.i want to join my system on my organisation s active directory domain.how can i do it?suppose domain name is "abc-xyz"
View 6 Replies
View Related
Dec 21, 2010
Once I setup winbind, samba, and krb5, and I attempt to join the machine to the domain, I get an error message as follows:
net ads join -U user@domain
Failed to join domain: failed to lookup DC info for domain 'XXX.COM' over rpc: Duplicate name on network.
How can I correct this?
View 1 Replies
View Related
Feb 3, 2010
At work, we run Windows... Windows domain, windows workstations, etc. Today my boss asked me my thoughts on running an Ubuntu lab within the mixture of our existing Windows setup.
Well, that brought several questions to mind. So I understand you can bind an Ubuntu computer to a Windows domain, seems easy enough, whether you do it through Samba or the other guide I read that I kind of forget at the moment, but anyway...
I was just curious how Ubuntu interacts with domain users when on the windows domain. For example, if we have an Ubuntu machine on the Windows domain with a local user "administrator" and that's it, would any domain users be able to log into the Ubuntu work station, similar to how it is on Windows?
View 7 Replies
View Related
