Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: RupertTHEbare on November 06, 2008, 05:33:47 PM
-
Can anyone tell me if there is a How-To anywhere which will show me the simple way (if there is one) to set up my Advanced Samba SME Server as an Active Directory Domain Member on a Windows 2003 Server domain?
Currently my configuration looks like this...
# config show smb
smb=service
DeadTime=10080
DomainMaster=no
KeepVersions=enabled
OpLocks=enabled
OsLevel=35
RecycleBin=enabled
RoamingProfiles=no
ServerName=mumbojumbo
ServerRole=WS
ShadowCopy=enabled
ShadowCount=10
ShadowDir=/home/e-smith/files/.shadow
UnixCharSet=UTF8
UseClientDriver=no
WINSServer=192.168.1.12
Workgroup=asapcleaningltd.local
status=enabled
But when I issue an "net rpc join -U Admin_name%password" I get "cannot join as standalone machine".
What am I doing wrong or not doing?
RTB.
-
Can anyone tell me if there is a How-To anywhere which will show me the simple way (if there is one) to set up my Advanced Samba SME Server as an Active Directory Domain Member on a Windows 2003 Server domain?
Not possible at the moment, but work in that direction is done. Greg Zartman has launched development in this direction. He is also in the forums, I will direct him to this thread, perhaps he has some usefull comments or estimates when this might be possible.
-
Can anyone tell me if there is a How-To anywhere which will show me the simple way (if there is one) to set up my Advanced Samba SME Server as an Active Directory Domain Member on a Windows 2003 Server domain?
Currently not possible with SME unless you do quite abit of hacking. There is an effort underway to add this functionality to SME here: http://bugs.contribs.org/show_bug.cgi?id=4666 And a wiki document here: http://wiki.contribs.org/Advanced_Samba
Greg
-
Thanks for the heads-up cactus, even if it wasn't quite what I wanted to hear.
And Greg... keep up the good work. As I wrote, I am using the Advanced Samba contrib at the moment.
RTB.
-
Hi,
I don't have the contrib installed yet, but I was searching for options to configure the SME server to become a Domain Member (DM) quite a while. This contrib is really important for more advanced SME usage.
@Greg,
I would assume that DM was the most wanted option, and I think that it should pave the way to implement the other options as well. Are there any (ideas on) time plans to overcome the limitations with regard to access control as described here http://wiki.contribs.org/Advanced_Samba#Known_issues ?
turandot
-
Are there any (ideas on) time plans to overcome the limitations with regard to access control as described here http://wiki.contribs.org/Advanced_Samba#Known_issues ?
turandot
Most of the work is already done in a test-setup I'm using for almost a year now.
I'm between jobs right now and that limits me in rounding up this issue since I already promised Greg a solution.
I would say : stay tuned.... it's a work in progress.
Harro
-
Hi,
I don't have the contrib installed yet, but I was searching for options to configure the SME server to become a Domain Member (DM) quite a while. This contrib is really important for more advanced SME usage.
Domain membership in an NT4 type domain works fine with the contrib.
@Greg,
I would assume that DM was the most wanted option, and I think that it should pave the way to implement the other options as well. Are there any (ideas on) time plans to overcome the limitations with regard to access control as described here http://wiki.contribs.org/Advanced_Samba#Known_issues ?
Functionality needed to provide activate directory membership won't help with SME becoming a backup domain controller or an active directory domain controller. Backup domain controller functionality won't happen until we get a solid LDAP authentication backend to SME. My understanding is that most of the pieces are in place to deploy and LDAP auth backend to SME.
SME as an Active Directory PDC won't happen until we get Samba 4, which is a ways off yet.
How's that for timelines. ;)
-
Hi Greg,
many thanks for your update. I know that Samba 4 may take more than a while, but currently I am not too much hoping on Active Directory support. I am primarily interested in full support of the Domain Member (NT4 style) including access control of shares based on domain users and groups...
Hope this clarifies.
Thanks a lot, turandot
-
I am primarily interested in full support of the Domain Member (NT4 style) including access control of shares based on domain users and groups...
All of this is available with smeserver-adv-samba, via winbindd.
However, domain groups currently are not recognized by the ibays server-manager panel; therefore, there is no way to control access to ibays by domain group using the server-manager. At this point, this is intentional because the domain member server role is not supported in the core SME distro.
To implement access control to ibays by domain group, you'll need to create a custom template fragment.
-
1 is not login
net rpc join -U administrator@passwordserver2003
Password:
Could not connect to server T1
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILUR
2 is login join
#net rpc join -U adminisrtators
#password :
join to domain DOMAIN
l login from xp to server2003Active Directory Domain Member user1@password activ Directory
is ok
type from xp
net use f: //mysem7.3/user1
is ok
net use g: //myserve2003/user1
is not work
net use g: //ip=server2003/user1 (ping myserver2003 is ok)
is work
help ?
Currently my configuration looks like this...
# config show smb
smb=service
DeadTime=10080
DomainMaster=no
KeepVersions=enabled
OpLocks=enabled
OsLevel=35
RecycleBin=enabled
RoamingProfiles=no
ServerName=mysme7.3
ServerRole==DM
ShadowCopy=enabled
ShadowCount=10
ShadowDir=/home/e-smith/files/.shadow
UnixCharSet=UTF8
UseClientDriver=no
DOMAIN=domain
Workgroup=domain
status=enabled
-
The net command in the current version of Samba isn't working correctly. You'll need to use the following syntax to join a domain:
net rpc join -U pdc_admin_username%pdc_admin_password
-
ok (@ %)
net rpc join -U administrator%password
Joined domain T10.
[root@linux ~]#
is work good
-
howto stop join to domain
for join to new domain ?
-
howto stop join to domain
for join to new domain ?
Please do some research your self (you have been told multiple times). These are general linux commands from the samba package. For instance this would give you a detailed list of commands and their functions when entered on the command line of your server:
man net
-
Very good!
Thank you
is work Active Directory users and groups
i open only groups in sme is work (groups = Active Directory =sme 7.3)
if you make new grous It is necessary to signal-event workgroup-update
-
is work Active Directory users and groups
i open only groups in sme is work (groups = Active Directory =sme 7.3)
if you make new grous It is necessary to signal-event workgroup-update
No, SME 7.4 cannot read active directory domain users nor groups. SME 7.4 will join the domain, however it can't use the AD auth mechanisms, so the membership is basically useless.
-
Very good!
Thank you
is work Active Directory users and groups
i open only groups in sme is work (groups = Active Directory =sme 7.3)
if you make new grous It is necessary to signal-event workgroup-update
to stop join to domain del /etc/lpd/*.*
config new smb
join to new domain