Formatting code for LinuxSamba
{{parent page="Linux"}}
==Nice articles on Samba==
http://www.phptr.com/articles/article.asp?p=419048&rl=1
=== Mounting windows share ===
From FC5, smbfs is replaced by cifs. To mount a windows share, do this
%%(bash)
mount -t cifs -o username=xxx,password=yyy,rw //server/share_name /mnt/mount_name
%%
=== Sharing Linux directories to Windows network===
Most of these are from http://wiki.samba.org/index.php/Samba_&_Active_Directory
==Setting up KRB5===
%%(text;krb5.conf)
[libdefaults]
default_realm = DOMAIN.COM
[realms]
DOMAIN.COM = {
kdc = dc1.domain.com
admin_server = dc1.domain.com
default_domain = domain.com
}
[domain_realm]
.kerberos.server = DONAIM.COM
.domain.com = DOMAIN.COM
%%
==Setting up Samba==
%%(text;smb.conf)
workgroup = WINDOMAIN
preferred master = no
security = domain
encrypt passwords = yes
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nested groups = Yes
idmap uid = 10000-20000
idmap gid = 10000-20000
realm = DOMAIN.COM
password server = dc1.domain.com
[shared]
comment = Samba share
path = /samba_share
public = yes
writable = yes
printable = no
browsable = yes
%%
==Edit nsswitch==
%%(text;/etc/nsswitch.conf)
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files dns wins
%%
==Setting up PAM==
%%
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3 type=
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session required /lib/security/$ISA/pam_winbind.so use_first_pass
%%
==Joined this linux box to the windows domain==
%%
# net ads join -U administrator -S dc1.domain.com -w WINDOMAIN
administrator's password:
Using short domain name -- WINDOMAIN
Joined 'LINUXBOX01' to realm 'DOMAIN.COM'
%%
==Nice articles on Samba==
http://www.phptr.com/articles/article.asp?p=419048&rl=1
=== Mounting windows share ===
From FC5, smbfs is replaced by cifs. To mount a windows share, do this
%%(bash)
mount -t cifs -o username=xxx,password=yyy,rw //server/share_name /mnt/mount_name
%%
=== Sharing Linux directories to Windows network===
Most of these are from http://wiki.samba.org/index.php/Samba_&_Active_Directory
==Setting up KRB5===
%%(text;krb5.conf)
[libdefaults]
default_realm = DOMAIN.COM
[realms]
DOMAIN.COM = {
kdc = dc1.domain.com
admin_server = dc1.domain.com
default_domain = domain.com
}
[domain_realm]
.kerberos.server = DONAIM.COM
.domain.com = DOMAIN.COM
%%
==Setting up Samba==
%%(text;smb.conf)
workgroup = WINDOMAIN
preferred master = no
security = domain
encrypt passwords = yes
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nested groups = Yes
idmap uid = 10000-20000
idmap gid = 10000-20000
realm = DOMAIN.COM
password server = dc1.domain.com
[shared]
comment = Samba share
path = /samba_share
public = yes
writable = yes
printable = no
browsable = yes
%%
==Edit nsswitch==
%%(text;/etc/nsswitch.conf)
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files dns wins
%%
==Setting up PAM==
%%
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3 type=
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session required /lib/security/$ISA/pam_winbind.so use_first_pass
%%
==Joined this linux box to the windows domain==
%%
# net ads join -U administrator -S dc1.domain.com -w WINDOMAIN
administrator's password:
Using short domain name -- WINDOMAIN
Joined 'LINUXBOX01' to realm 'DOMAIN.COM'
%%
