Hi Per, Thanks for your help. My rehat-ds serves Unix and MAC clients very well. My goal is to let ds serve WindowsXP as well. I only need to let WindowXP client to be able to use login name and LDAP password. This is what I did: 1. add samba.schema LDIF to my redhat-ds and restart the ds server 2. on one of my linux LDAP client, configure and start SAMBA as DC Then I am assuming it should work, but not. Could you email your working smb.conf file? -- Shouben Zhou Science Systems and Applications Inc.(SSAI) 1 Enterprise Pkwy, Hampton, VA 23666 Tel: (757)951-1905 Fax: (757)951-1900 Email: Shouben.Zhou@xxxxxxxx Per Qvindesland wrote: > Hi > > I have setup more samba ldap dc's then I dare to think of and it's > pretty easy, I used to script the whole thing and I had it online for > others to download but I have not maintained it for a long while so it's > way to old to be used today. > > If you are looking at the nt4 style then there is a great howto here: > http://www.howtoforge.com/centos-5.x-samba-domain-controller-with-ldap-backend > > But mind you it could be a good idea to actually look at the samba4, > it's getting pretty stable, I have installed it on a dev environment > where is serves authentication to the dev servers and dev clients and > has not given a day of shit really smooth installation also: > http://wiki.samba.org/index.php/Main_Page#Samba4 > > Per > On Thu, 2010-03-11 at 09:29 +0100, jean-Noël Chardron wrote: > >> Please do not cut the discussion list but post a new thread >> >> Shouben Zhou wrote: >> >>> What is the best way to configure Window clients to authenticate from >>> 389 DS? >>> >>> >> I'm not sure but I have a small idea of it : if you don't have an >> Active Directory server, a way is to setup a domain controler NT4 like >> Samba (free software), It seems little bit complexe as you need to >> setup a backend ldap server with a particular schema to store the >> information of workstations, then setup the samba server, then join each >> XP workstation to the domain of the Samba Server (exactly like AD) . >> An another way is to replace the Gina.dll in windows XP by a new Gina to >> auth from various source as ldap (there are some free project like >> pGina.org that is hosted on sourceforge). In google look after "Gina" or >> "pGina.org". I suppose you will need to replace the DLL and configure >> each workstation that is waste time on a big park of stations. >> >> >>> -- >>> Shouben Zhou >>> Science Systems and Applications Inc.(SSAI) >>> 1 Enterprise Pkwy, Hampton, VA 23666 >>> Tel: (757)951-1905 Fax: (757)951-1900 >>> Email: Shouben.Zhou@xxxxxxxx >>> >>> >>> >>> -- >>> 389 users mailing list >>> 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>> >>> >> > > > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
