Koozali.org: home of the SME Server

Obsolete Releases => SME Server 8.x => Topic started by: fpausp on September 05, 2012, 09:33:17 PM

Title: Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04
Post by: fpausp on September 05, 2012, 09:33:17 PM

Hi all,

I would like to know if anyone tried domain-logon with ubuntu 12.04 to sme8 ?

http://wiki.contribs.org/Client_Authentication:Ubuntu


regards
fpausp

Title: Re: Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04
Post by: ReetP on September 18, 2012, 02:36:30 PM

Quote from: fpausp on September 05, 2012, 09:33:17 PM

I would like to know if anyone tried domain-logon with ubuntu 12.04 to sme8 ?

I had a go but ended up tearing my hair out - I decided I had better things to do :-)

I am sure it is possible, and there should really be an easy way to do it.

I followed the howto and got a lot of it going though I don't remember exactly where I got stuck - I think it was the security part, though I use Xubuntu and it may have been to do with the login manager or something similar.

If you do succeed please update the wiki !

B. Rgds
John

Title: Re: Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04
Post by: mdo on September 19, 2012, 01:36:25 AM

We are working on this (testing) at the moment.

The breaking point seems to be due to the newer Winbind/Samba version 3.6.x that comes with Ubuntu 12.04. The entire "id mapping" syntax has changed with Samba 3.6.x. We currently have in our documentation:

idmap uid = 5000-20000
idmap gid = 5000-20000

Now this needs to be something like this:

idmap config * : backend = rid
idmap config * : range = xxxx - xxxxx
idmap config * : base_rid = xxxxx   (if at all required?).

I have not figured out the final values for a smooth migration :-)

Input and testing results from others would be helpful.

Michael

Title: Re: Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04
Post by: olddog11 on November 04, 2012, 07:03:51 PM

I have found a solution that has worked for me, I hope others can make use of it.

I have Linux Mint 13 (Mayo) on my laptop (based on Ubuntu 12.04 which is the LTS version.)

Follow the instructions for Client Authentcation:Ubuntu which can be found within the SME Server Documentation.

When editing /etc/samba/smb.conf the following changes are now required:

Comment out:
idmap uid = 5000-20000
idmap gid = 5000-20000

They are no longer required.

Add the following:

idmap config * : backend = tdb
idmap config * : range = 10001-20000
idmap config DOMAIN : backend = rid
idmap config DOMAIN : range = 10000-20000
idmap config DOMAIN : base_rid = 0

I found it in the Ubuntu forum - see link below
http://ubuntuforums.org/showthread.php?t=2060625&highlight=authentication

I did not find the line
idmap backend = ridDOMAN=10000-20000
if you do then I assume it is not required and can be commented out as well.

I also found that the following line is no longer required so I commented it out.
password server = <ip of sme server>