FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Edubuntu Development

 
 
LinkBack Thread Tools
 
Old 09-21-2012, 08:25 PM
Stéphane Graber
 
Default Samba4 and SSSD

Hello,

At last UDS Jonathan gave me a work item to investigate the current
state of samba4 and sssd in Ubuntu 12.10.

I spent a bit of time the past two days looking at that and doing a
bunch of backports (in a PPA for now) for 12.04.

samba4 in Ubuntu 12.10 looks pretty good, it's relatively easy to
deploy, if you're lucky, debconf will even do the right thing.
Otherwise, just remove /etc/samba/smb.conf and call
/usr/share/samba/setup/provision manually.

Managing samba4 is reasonably easy with the samba-tool command shipped
with samba4. If you need more advanced configuration, the easiest is to
use a Windows machine with the active directory remote support tools
installed.

The easiest way to get Linux clients to work with samba4 is to start by
creating an unprivileged "binduser" account.
"samba-tool user add binduser" will do that for you.

Then on the client side, install sssd (apt-get install sssd) and write
something like that in /etc/sssd/sssd.conf:
---
[sssd]
domains = SAMBA
services = nss, pam
config_file_version = 2
sbus_timeout = 30
debug_level = 0

[nss]
default_shell = /bin/bash

[domain/SAMBA]
enumerate = false
cache_credentials = true
fallback_homedir = /home/%u

id_provider = ldap
auth_provider = krb5
chpass_provider = krb5

dns_discovery_domain = domain.net
krb5_realm = DOMAIN.NET

ldap_schema = ad
ldap_id_mapping = true
ldap_default_bind_dn = binduser@domain.net
ldap_default_authtok = password
ldap_user_gecos = displayName
ldap_force_upper_case_realm = true
---

As you can see, this relies on dns_discovery to find the server. If you
don't have all the right records in your DNS, you should be able to get
around that by also adding:
ldap_uri = ldaps://<ip>
krb5_server = <ip>

And then remove dns_discovery_domain.


I'm still working on getting Edubuntu Server into a nice shape so we can
try and ship it in Edubuntu 13.04 which will include a working samba4
server and an easy way to configure clients.

--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com

--
edubuntu-devel mailing list
edubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel
 

Thread Tools




All times are GMT. The time now is 05:53 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org