Samba and NT logins

[MickDuffin]

Hi,

I've just setup samba and it seems to be working fine, now I want to only allow access to specific directories based on the NT username ( we have an NT domain) is there a way to retrieve nt security from a domain controller?

Thanks in advance

 

[GenesisCraigM]

You can configure SAMBA to authenticate off of a Windows NT domain controller, however, in order to have the capability of mapping specific access control lists to files and directories, you will have to compile Samba with ACL support. This is, essentially, experimental at the moment, and requires you to build acl support into the Linux kernel. Craig J Matthews
System Administrator, Genesis Group
craigm@genesisgroup.com

 

[fluid11]

You can authenticate usernames against a Windows DC like this...


In smb.conf...

security = domain
password server = *
encrypt passwords = yes

You also need to add the Samba computer to the windows domain. First, create a computer account in the domain for the Samba server you want to add. Make sure to select "Allow Pre-Windows 2000 computers to connect to this computer" if your on a Win2K network. You can create computer accounts in either Server Manager (NT4), or AD Users and Computers snap-in (2K).


Next, run this command from linux...

smbpasswd -j 'domainname' -r 'netbios_name_of_pdc'


This will force the Samba server to join the Windows domain using the computer account you created above.

Restart the Samba services and you should be authenticating usernames against a Windows DC.

ChrisP