Help with authenticating against Active Directory.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Hello all,
I'm trying to authenticate shell login's against an MS-ADS. I don't have admin access to the ADS, but I can talk to the admins.
I have gotten as far as getting authentication working, but the uid's depend on the order of login. ie: the first guy to login gets 10000, the next gets 10001, etc. The problem I have with this is that I want to share the home directories via nfs, which means everyone has to have the same id. 

Is anyone else doing this?

My smb.conf and nsswitch.conf files are below.

TIA

--
Milton Calnek BSc, A/Slt(Ret.)
milton@xxxxxxxxxx
306-717-8737


smb.conf
[global]
        workgroup = example_com
        realm = example.COM
        server string = %h server (Samba %v)
        security = ADS
        map to guest = Bad Password
        passdb backend = tdbsam
        passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . 
        log level = 2 winbind:10
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        dns proxy = No
        wins server = ldap
        ldap ssl = no
        panic action = /usr/share/samba/panic-action %d
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        idmap backend = ldap:ldap://ldap.example.com:3268
        ldap admin dn = cn=Manager,dc=example,dc=COM
        ldap idmap suffix = ou=Idmap
        ldap suffix = dc=example,dc=COM
        template homedir = /home/%U
        template shell = /bin/bash
        winbind separator = +
        winbind use default domain = Yes
        winbind nested groups = Yes
        invalid users = root

nsswitch.confpasswd:     files compat winbind
shadow:     files compat
group:      files compat winbind

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   nisplus

publickey:  nisplus

automount:  files nisplus
aliases:    files nisplus



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux