[TriLUG] SAMBA 3.0.2 shares storing installation software
Roy Vestal
rvestal at trilug.org
Fri Jun 18 14:58:46 EDT 2004
Sure. Here it is.I'll give you the quick run down of what I had to install.
I hope to one day write this up as a mini-howto.
To install Samba 3.0.2, I had to install the following rpms. This is on a
Fedora Core 1 box, but I also have an install on a WhiteBox Enterprise 3.0
Linux server and it works fine too.
krb5-libs-1.3.1-6
krb5-workstation-1.3.1-6
krb5-devel-1.3.1-6
krb5-server-1.3.1-6
openldap-2.1.22-8 (2.1.23 is recommended)
openldap-devel-2.1.22.8
samba-3.0.2-7-FC1
samba-common-3.0.2-7.FC1
samba-client-3.0.2-7.FC1
samba-swat-3.0.2-7.FC1 (if you want swat capability. This is totally
optional)
Depending on the distro, you may have to install compatible libraries for
gcc for your distro and rebuild *src.rpms. Check you docs for more info.
Here's the smb.conf. Please note, you MUST run winbind in order to join the
domain as an ADS client/member. Comments are in the parenthesis.
-------------------------------Begin
smb.conf------------------------------------
[global]
realm = yourdomain.com (lowercase)
security = ADS
encrypt passwords = yes
netbios name = SERVERNAME (needs to be UPPERCASE)
server string = Samba %v Server (Windows description line for the
server)
workgroup = DOMAINNAME (This is your ADS domain name, UPPERCASE)
case sensitive = no (This can go here or in each share)
preserve case = yes
winbind uid = 10000-20000
winbind gid = 10000-20000
local master =no (If this is set to yes, then your ADS may not be
browseable. YMMV)
#[homes]
# comment = User Home Directory
# browseable = no
# writable = yes
# create mode = 0660
# directory mode = 0770
[share]
comment = shared directory
path=/path/to/shares
writeable = yes
------------------------------------End
smb.conf -----------------------------
You also need to make your krb5.conf match your domain correctly
------------------------------------Begin
krb5.conf----------------------------
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = DOMAINNAME (This is your ADS domain name, UPPERCASE, same
as in the globals for smb.conf)
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
DOMAINNAME (This is your ADS domain name, UPPERCASE, same as in the globals
for smb.conf)= {
kdc = kdc.yourdomain.com:88
admin_server = kdc.yourdomain.com:749
default_domain = yourdomain.com
}
[domain_realm]
yourdomain.com = YOURDOMAIN.COM
anotherdomain.yourdomain.com = ANOTHERDOMAIN.YOURDOMAIN.COM
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
-----------------------------End
krb5.conf---------------------------------------------
I hope this helps. YMMV, etc, etc.
----- Original Message -----
From: "Jim Ray" <jim at neuse.net>
To: "'Triangle Linux Users Group discussion list'" <trilug at trilug.org>
Sent: Friday, June 18, 2004 1:54 PM
Subject: RE: [TriLUG] SAMBA 3.0.2 shares storing installation software
> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On
> Behalf Of Roy Vestal
> Sent: Friday, June 18, 2004 1:38 PM
> To: Triangle Linux Users Group discussion list
> Subject: Re: [TriLUG] SAMBA 3.0.2 shares storing installation software
>
> Actually, I just fixed my problem. Heh, pulled a Homer, "DOH!"
>
> Anyway, the *correct* option is "case sensitivity = no" not "mangle case =
> yes". I removed "mangle case = yes" and replaced it with "case sensitivity
> =
> no" on each share and it's working correctly.
>
> :)
>
[JR>] you da man. Any chance of posting config? I still don't have a grip
on permissions with samba and their relation to linux file system
permissions.
More information about the TriLUG
mailing list